jordswart.org

If you are using Firefox on Windows you should get the cooliris plugin. The plugin really does a nice job if you need to browse a collection of fotos.

And since I finally have found a fix for the problems with my gallery, it even works on my gallery as well! Woot!

UPDATE: cooliris is now available on Linux as well.

Yesterday I received an email from stopbadware.org. They reviewed my site and found no problems anymore:

Google’s most recent test of your website found no badware behaviors on the site.  As such, the Google warning page for your site has either already been removed or should be removed shortly.  In addition, if your site has been listed in our Badware Website Clearinghouse, we will remove your site from the Clearinghouse list.

So far so good, a bit late maybe since my site has been unblocked since about a week. However the last paragraph of the email reads:

Please note that we will be retesting your website at periodic intervals in order to monitor that it remains free from badware. If we find that you are hosting or distributing badware in the future, the reviews process may take considerably longer than the original review.

Now this really made me laugh. The next review process might take even longer? Due to the lack of information provided by stopbadware.org and Google, my site has been marked as a badware site for approximately 2 and half weeks. It took stopbadware.org another week to review my site, after Google found it was clean. But when I get hacked again, it even might take them longer to respond than they already needed?

Considering the cooperation between firefox and stopbadware.org I might have to switch to Opera, or god help me, even Internet Explorer.

On February the 5th WordPress released version 2.3.3 of their blog software. This release fixed the following issue:

WordPress 2.3.3 is an urgent security release. If you have registration enabled a flaw was found in the XML-RPC implementation such that a specially crafted request would allow a user to edit posts of other users on that blog.

On February the 10th I applied the version 2.3.3 to my site.

Three days later Ubuntu Hardy installed the new firefox 3.0 beta. This version of Firefox works very closely with stopbadware.org to prevent users from accessing malware or badware sites. I found this feature when I used Firefox to visit my own site. I was informed of the fact that my site actively distributes or promotes malware and Firefox will not allow access to it. Disabling one of the security features in Firefox restored the access to my site. I instantly understood that my site was hacked  (again) in the last couple of days.

Trying to find out what was going on I read a lot of information on the stopbadware.org pages. Stopbadware.org is founded by Google so it is not surprising they use Google techniques to decide which sites are badware (or malware). A google search for my site today gives the following result (I also tried the same search on Yahoo, MSN and ASK.COM. Those engines have no problem with my site since they do not try to block access to malware sites):

Doing some more research I found that Google’s webmaster tools will give me an option to let Google do a review of my site. The bad thing I found was that Google does not tell you what is wrong with your site. They only state that there is something wrong. This makes it very hard to debug the site and fix the problem. I ended up going through all the pages and have a look at the source of each.

I found two hidden links. The links were hidden in <noscript> tags, so they were not accessible for the visitors of my webpage, they were just there for search engines to enjoy (I guess the person who inserted the links hopes to gain more attention if his site gets linked to a lot). So I removed the links, did some queries on my database and decided my site was completely clean. Then I asked Google to re-evaluate my site.
Read the rest of this entry »

Update 20-02-2008:

Google does not allow this content here. Because the original text holds the name of the domain providing the advertisement, Google decided my site linked advertisement. Effectively Google is censoring my webpage and blogging about malware now seems to be impossible.

So the site got hacked. My nice little site was turned into a spam site for ‘mobile ring tones’. Ring tones are not something I would normally write about. So here is the information I could find about the whole event.

First thing to note: I was running on WordPress 2.2.1. The current WordPress version at this time of writing is 2.3.1, so the first thing I will do after creating this post is update to that version.

The posts include a couple of links: original text censored by Google (I had to remove the name of the site, let’s pretend it was an info site about some ringtones-top). If I go to that link it tells me that the offer is not available in my region and it redirects me to (finally) a company called original text censored by Google (again posting this name puts me in danger of being marked as a malware site, it was a company called perfspot). For completeness sake, I will include the result of whois for both websites:

Domain ID:D20274359-LRMS
Domain Name: censored by Google
Created On:17-Oct-2007 12:13:32 UTC
Last Updated On:17-Oct-2007 13:08:31 UTC
Expiration Date:17-Oct-2008 12:13:32 UTC
Sponsoring Registrar:eNom, Inc. (R126-LRMS)
Status:TRANSFER PROHIBITED
Registrant ID:A73F200DAE57EC01
Registrant Name:WhoisGuard Protected
Registrant Organization:WhoisGuard
Registrant Street1:8939 S. Sepulveda Blvd. #110 -
Registrant Street2:732
Registrant Street3:
Registrant City:Westchester
Registrant State/Province:CA
Registrant Postal Code:90045
Registrant Country:US
Registrant Phone:+1.6613102107
Registrant Phone Ext.:
Registrant FAX:
Registrant FAX Ext.:
Registrant Email:4648f2c48efd4542a673de6b8b59afed.protect@whoisguard.com

AND:

censored by Google
1275 W. Washington St.
Tempe, AZ 85281
US

Registrar: DOTSTER
Domain Name: censored by Google
Created on: 14-AUG-06
Expires on: 14-AUG-08
Last Updated on: 28-JUN-07

Administrative, Technical Contact:
,censored by Google support@censored by Google
censored by Google
1275 W. Washington St.
Tempe, AZ 85281
US
888-311-7373

It seems that not every registrant at whoisguard.com is just avoiding spam here…

So let’s search google for this issue. A combination of censored by Google and wordpress shows there is indeed an issue with the version of wordpress I am using.

Seems the spammers used a bug in theme.php and feed.php. My logfiles only last 6 days so I will probably not be able to find out who has been posting the stuff

It is assumed that cameras will not prevent any crime, but will help solve it. In London, at least, this assumption doesn’t seem to be true anymore. London has spent about £200 (close to 300 million Euros) installing 10.000 CCTV cameras. The overall result of this investment is a decreased proportion of crime solved, not increased. There hardly seems to be a relation between the number of cameras and the proportion of crime solved.

• There are now 10,524 CCTV cameras in 32 London boroughs funded with Home Office grants totalling about £200million.
• Hackney has the most cameras – 1,484 – and has a better-than-average clearup rate of 22.2 per cent.
• Wandsworth has 993 cameras, Tower Hamlets, 824, Greenwich, 747 and Lewisham 730, but police in all four boroughs fail to reach the average 21 per cent crime clear-up rate for London.
• By contrast, boroughs such as Kensington and Chelsea, Sutton and Waltham Forest have fewer than 100 cameras each yet they still have clear-up rates of around 20 per cent.
• Police in Sutton have one of the highest clear-ups with 25 per cent.
• Brent police have the highest clear-up rate, with 25.9 per cent of crimes solved in 2006-07, even though the borough has only 164 cameras. cameras.

Link via boingboing.

Cory Doctorow (of boingboing fame) wrote a nice column where he explains why DRM (Digital Rights Management) will never work. The article is intended to explain to non-technical people why DRM is impossible. It also explains why DRM only hurts people who actually go out and buy the content and NOT the pirates.

The thing is that when they say that you can’t travel than fast than the speed of light, they’re talking about the fundamental principles of physics: it’s impossible to get beyond lightspeed, even if science fiction movies help us conceptualise it.

In the same way, we can imagine building progressively better software locks for movies, music, ebooks, and software until we hit on one that even the wiliest hacker can’t defeat. But, just like the physicists, the geeks who say that DRM can never reach this point are speaking about fundamental principles of information science. It’s impossible to get that far.

Link.

This toy gun has a whistle on it. Just put it in your mouth and pull the trigger:

A couple of weeks ago, I got a new Laptop for work: a Dell D830 with Santa Rosa Chipset. A nice machine, but it couldn’t run Kubuntu with Beryl and all the nice graphics features I use to make Vista look pale.

To solve the issue I backported a couple of packages from gutsy to feisty (all amd64) and stored the debs in a repository. You can read all about it here. The page features a description on how to build the packages. It also has the link to connect to the repository.

I’ve updated the look ‘n’ feel. The new theme supports comments on pages, so now you can comment on the pages. Please register and do.

I finally have changed the layout! I also changed the way to access the Gallery. It is now embedded. Thanks to the guys at ozgreg for writing the WordPress plugin and helping me out with some question.

Hope you enjoy it.