Frank Marion's Blog Bits and pieces of a poorly recorded life

17Jan/140

Twitter Widget Pro does not update Tweets: one fix

Twitter Widget Pro Stopped updating Tweets
Twitter Widget Pro stopped working.
Twitter Widget Pro fails to update Tweets

Just a quickie for those who are stymied by the fact that the WordPress plugin Twitter Widget Pro seems to work, then stop, or to fail to work at all.

It's not Twitter Widget Pro's fault. There might be a conflict with other plugins, something in your theme, or in your .htaccess file.

I've just re-discovered the cause of my own issue.

It is a conflict with another plugin. Specifically Better WordPress Security, and even more specifically, one of the rules that are inserted into the .htaccess file when one chooses to add the anti-hacking rules (Ban tab ▶ User and Bot Blocklist ▶ Add Host and Agent Blocklist ▶ [ ] Check this box to enable HackRepair.com's blacklist feature.).

My fix was to remove the added .htaccess rules. I haven't taken the time to figure out exactly which one it is, however. That would be a long and tedious testing process.

May I recommend to the developer, should they read these comments to include the above fact in their FAQ? I bet it would save a lot of headaches both in terms of support and for the general users.

Good luck, fine people, I hope this helps.

17Nov/130

Updated BlogCFC2WordPress to be compatible with WP 3.5

From the original BlogCFC2Wordpress utility:

This utility will migrate your data from a BlogCFC db into an existing WordPress 2.0 db. It has been tested on CFMX7 and BlueDragon 6.2 running on Windows against a MySQL 4 db and BlogCFC v. 3.8. The schema for v.5 of BlogCFC has some new fields added but it doesn't look significantly different so it will probably work with minor modification. All the logic is contained in cfc's and there is no funky sql syntax or stored procs so it should work with other databases.

This is an update to the above utility that will migrate your BlogCFC database to WordPress 3.5+

Download the WordPress 3.5 compatible version here.

Download the WordPress 2.0 compatible version here.

Thank you to Sean Tierney from Grid7.com for writing it, and of course to Ray Camden for BlogCFC and to the WordPress team.

2Jun/130

SASS, Gumby, Modular-Scale and $golden

SASS, Gumby and Modular-Scale

The days of hand-coding CSS are over. We're now in the era of pre-processors, basically, programming environments to make building today's very complex CSS easier and simpler. Coders being what they are, immediately started creating frameworks. My criteria was that it needed to be semantically grid-based and responsive with the least amount of fuss possible.

I decided to try the Gumby framework out. It's pretty complete and has tonnes of quick UI stuff for making life easier.  I suspect that the digital surgeons did what I would do: collect the best and coolest of all the toys available, and roll them into one framework. Unfortunately, for all the goodies there are a number of gotchas. Hopefully this will be useful to you.

Squashin' the $golden bug

I had to work though a chain of errors to finally find

Syntax error: Undefined variable: $golden

Before you bash your brains out, as I did for quite some time, try this quick fix: If you're using the Gumby SASS framework, it wants to give you modular-scale. Great idea. I love it. Find the file var/_settings.scss jump to line 49 or so (search for $golden) and replace it with the basic golden ratio: 1.6180339887

Thus, replace:
$ratio: $golden !default;
with:
$ratio: 1.6180339887 !default;

Alternately, simply define
$golden: 1.618;
// (Not really necessary to have 10 place precision :))

I am not intimately familiar with the inner-workings of SASS, Compass, Gumby or Modular-Scale.

Is this the "correct" fix? I think so, but that'd be the qualifier: I think so. There's a part of me that tells me that we're dealing with the sequencing of includes, but despite my shuffling them around like a pea-in-a-cup, I found no love.

I welcome anyone's feedback on the matter, especially any of the developers of the above-mentioned products.

Tagged as: , , No Comments
14Apr/130

WordPress Security: Preventing hackers and spammers: Better WP Security, Sucuri and CloudFlare

WordPress security: It's time to start ramping it up again

My ISP provided me with the following link by ArsTechnica

Huge attack on WordPress sites could spawn never-before-seen super botnet

Ongoing attack from >90,000 computers is creating a strain on Web hosts, too.

WordPress security is a particularly big deal at this moment in time. It's a huge platform and well recognized enough to be considered worth it's own attacks by spammers and crackers.

While I don't know these people, they've written an excellent primer on securing your WordPress setup.

How to ward off spammers and crackers?

I had already been using Better WP Security. It's an excellent plug in, free and donationware. Over a period of about 90 days, it has reported the following to me:

Your database contains 9416 bad login entries.
Your database contains 1530 404 errors.

Interestingly enough, other than the occasional typo on my part, the 9416 bad logins used "admin". Having not only changed the default user name, but squarely removed it (No user ID 1 in the database) and using strong passwords, I felt relatively secure, and Better WP Security gave me a baseline of this particular activity on my site. The 404's in this case were pointing to non-existent files (duh!) such as FrontPage files, or various config paths.

Recent spammers are aggressive enough to be considered de facto crackers.

I followed up with this article by Sucuri.net:

Protecting Against WordPress Brute-Force Attacks
http://blog.sucuri.net/

By the way sucuri.net offers a very use malware scanning service. Very handy if you use WordPress security techniques.

CloudFlare

While I'm relatively confident of the security of my site, I'm not one for shunning potential positive layers of services..

Cloudflare stands as a CDN between you and the web. Sign up, and simply change your DNS name servers, and it does the job. The free version offers enough to make it worthwhile to give it a serious try. Cloudflare offers a free and feature-full group of services for the little guy, as well as an extended range of services (such as SSL support) for paid accounts.

Now, with a baseline provided by Better WP Security, we'll see how CloudFlare fares over the next 90 days. I'll keep you posted.

 

11Feb/130

Too much chili or pepper? How to rescue your meal

Put too much chili, put too much pepper? How to rescue your meal!

The short answer: Anything with lactic acid or brown sugar. That means milk, cream, canned milk or cream, even ice-cream! Try coconut milk or coconut cream, that'll give you a real Thai flavour. Brown sugar or molasses will also take the bite out of "hot spices". I don't think that soya "milk" (ugh! Vegetable juice pretending to be "milk") will work. Lime or lemon juice should also do the trick. Ever notice how Thai food has coconut milk, lime and burning spices? There's a reason for it.

I haven't tried it, but there's the very off-chance that honey might work, but try it very very carefully. Take a half-ladle out of your pot and try mixing it with your honey in a separate container first.

Let me know if this works for you.

Filed under: Cooking No Comments
6Feb/130

What is real Steampunk?

So, you think you're Steapunk, huh? I'm here to tell you that unless you've watched "BBC Why the Industrial Revolution Happened Here" you don't know it. Painted gears and a pair of goggles? Not yet, brother/sister/ Steam Punk is more than just a look, it's a look based on the science fiction as would be perceived in the day. Just as we take electricity and micro-computers for granted--because we know them, real Steampunk is actually based on the limitations of the knowledge of the day. Not only did they not drink Tang or eat Kraft Dinner Macaroni and Cheese, but they could not conceive of it yet. Steam Punk is science fiction limited by the imagination of the Victorian/Edwardian time.

Steampunk? No!

Steampunk: is this a computer? align=

To successfully do Steam Punk, you have to mentally travel back in time and absorb what the times were like, and using that as a frame of reference, let your imagination go wild. Electricity--what is this mysterious force that makes things happen? 2000 Leagues Under The Sea--wooooooww. The Victorians spoke of electricity the way that today's New Ager's use the word "Quantum". Zero understanding but it sounds way-cool. But a few understood it.

A steampunk machine? Yes!!!!

This is a a proper steampunk machine using today's tech.

The abuse of the Gears symbol, Brass and Dark Wood. No. Just stop it. A gear sticker on your so-called gun does not make it Steampunk. Nor does the brass. You gun needs a plausible excuse to work. See Van Helsing: A gas powered cross-bow as a "machine gun". THAT works. Your curtain-rod-on-wood with no plausible gun doesn't. That you put welder's googles on a top hat doesn't make your look steampunk unless you're posing as Aristocracy that welds. How likely is that? Not very. Possible, but find a visual explanation of how it can be. What makes Steampunk cool is not so much the fashion, as the imagination that the fashion points to.

Steampunk: science-fiction before we could imagine what we take for granted today.

Filed under: Uncategorized No Comments
20Jan/130

I lost my post on a forum! How to recover a lost post

Can I recover a just lost post when using FireFox? Yes you can, but it's a Hail Mary pass.

Have you ever written a long post on a web-forum, and as you submitted it the site reminded you that you've forgotten to add a subject, and when hitting the browser's back button your post was gone?

I hate it when that happens.

Here is a long-shot that will probably be of use mainly to web-developers. I use a FireFox Add-on called Tamper Data

As I hit the page-forward button, FireFox asked me if I wanted to resend the data. Yay! That means it's in the RAM-cache. Turned on Tamper Data, hit page forward and there was my post content!

All I had to do was to copy the contents to a text editor, clear it up again, and voila! I had saved my post.

Note: this will only work if you have had Tamper Data already installed. If you have to quit FireFox to install it, the post will be cleared from the RAM when you quit.

Sometimes a Hail-Mary pass works :)

Filed under: Web Developer No Comments
10Jan/130

Patricia Piccinini: The Long Awaited (2008)

Patricia Piccinini: The Long Awaited (2008)

Patricia Piccinini: A hyper-realistic artist that more than skillfully blurs the lines between reality and fantasy. One can almost envision the world that we might live in if her vision were true.

Patricia Piccinini: The Long Awaited (2008)

The Long Awaited, 2008

Empathy is at the heart of my practice. I don't think that you really can - or indeed should - try to understand the ethics of something without emotions. It can easily be argued that such a focus on empathy might distract from a true rational understanding of the issues, but in fact that is exactly what I am aiming to do. Emotions are messy and they do get in the way of rational discourse - as they should. The empathetic nature of my work deliberately complicates the ideas. It is one thing to argue for/against cloning when it is just an intellectual issue. However, things change if you have a mother or son who might need it. I like to think that my work understands that the point at which 'good' becomes 'bad' does not stand still, which is why it is so difficult to find. Ethics are not set like morals, they have to be constantly negotiated. Bioethics are especially flexible, which makes them especially difficult. However, sometimes our feelings find a way through these difficulties, and we are able to create connections and bonds that defy the expectations of others.

Her website can be found at http://www.patriciapiccinini.net

Filed under: Art No Comments
10Jan/130

Marc Giai-Miniet: Fantastic vision on a tiny scale

Marc Giai-Miniet: Memoria

Marc Giai-Miniet. This artist has a lovely fantastic vision. I don't really know the term: it's not post-apocalyptic, nor Steampunk, but it has the nostalgic whimsy of the long-abandoned.

Marc Giai-Miniet: Memoria

6Dec/120

Virus Prevention for Beginners

This document is intended to inform the average, non-technical user on the subject of viruses. What they are, how to avoid getting them, how to avoid being affected by them, and how to avoid transmitting them. This document specifically addresses Microsoft Windows users. Please redistribute this document’s address as widely as possible. Feel free to included it in your email signature or to link to it from your website. For a list of anti-virus software, please check here.

About viruses in general

What is a computer virus?
A virus [?] or worm [?], or trojan horse [?] (hereafter referred to as “a virus” for the sake of simplicity) is a small piece of software that is generally designed to disguise it’s true nature, to be run without the computer user’s knowledge and perform some action that a user would most likely not have authorized. It’s a form of vandalism.

What is a computer virus not?
It’s not mysterious. It’s not smart or independent, nor has it free will. It’s just a program like your favourite text editor. Viruses aren’t to be feared, most of the time they are merely a nuisance to be dealt with. On occasion, hoever they can cause irreparable damage by deleting or altering data (your documents or programs). Dealing with a virus has the same weight as keeping a bee out of one's home- It’s a necessary task to be dealt with promptly but without undue alarm.

The Way of the Worm

When a worm is received as an email attachment, it waits for you, or for some sort of Microsoft automation to open it.

Once active, it will usually make a copy of itself, replacing a file and taking it’s name. Then, it usually looks for Microsoft Outlook, Outlook Express or Office, scans the address book for some names to use for the TO and the FROM, creates an email with some sort of duplicitous subject line and body content, and mails a copy of itself to start over on someone else’s machine.

Preventing it from activating, and deleting it is all it takes to save a yourself and many other people a lot of grief.

Don’t open attachments until you know that it’s safe. Don’t allow your machine to do it for you. It is one of many simple and effective method. Virus prevention software can be your greatest tool.

How do I get viruses?
A virus is a file just like any other. It gets on your machine in exactly the same way any file gets on your machine. These days, viruses are transmitted mostly though email attachments. They can still be transmitted though floppy disks, CDs, hard drives or infected files. They can transmit themselves though your local area network as well. In exceedingly rare instances, they are placed on your machine by crackers [?] (uninvited people who access your machine though the internet).

How do they work?
Like any program, such as a game or word processor, a virus must be launched, activated, before it can do It’s thing. Double clicking on a file, or launching a file or program that contains a virus will make it run. This means that until you deliberately wake it up, or have an automatic program wake it up, it simply sits on your disk. Inactive. Most viruses these days rely on the Microsoft scripting system to wake it up for you or trick you).

As one can see, It’s not magic. It just that someone has given a little thought as to how to abuse your machine’s vulnerabilities and your trust in the software you use. Fortunately, knowing this allows us to practice the four D’s: Detect, Disinfect, Defend and Discuss.

DETECT: How do I know if my computer is infected?

It's not always easy to know if you have been infected by some sort of virus. Here are some common tell tale signs. A good rule of thumb is this: If you feel that you might have a virus, check!

  • Your machine inexplicably slows down
  • Your machine appears to be active though you haven't set it to task.
  • Programs that usually work well inexplicably fail to start.
  • Your machine inexplicably shuts down or re-boots.
  • You may have received an email from someone asking you check your system for viruses (an excellent practice, actually).
  • Perhaps your in-box contains a large number of emails that have been unsuccessfully sent.
  • Disk space seems to be inexplicably filling up.
  • Files are mysteriously appearing where you know they shouldn’t be.
  • Files have sizes that aren't commensurate with their type (ie: An MP3 sound file takes less than 50 kilobytes)

The only real way to know if you have a virus on your computer is to install anti-virus software such as is listed later on in this article.

I recommend that you do however, purchase the software on CD unless you are familiar with downloading files, saving them, and installing them from your system.

DISINFECT: How can I remove viruses from my computer?

Though this segment is the shortest, it contains the most valuable piece of information that can not be over-repeated. Unless you are a well trained expert with deep knowledge of your operating system, viral algorythms and have a deep passion for rooting around the deep inner guts of your computer, the answer is simple: Get thineself a good quality anti-virus program. Isolate your computer, run your checker from It’s installation CD if possible.

What anti-virus software do you recommend?
You can easily find a list of anti-virus software vendors. I use Norton Anti-Virus on my PCs because it has an automatic definition updater and scheduler. It’s also the first I’ve tried and it works for me. I don’t promote it above another, because I haven’t tried others. I also use Virex on my Mac for the same reason. Please choose the one that best meets your needs and budget. Do make sure that the vendor updates the virus definitions on a very regular basis. An anti-virus package with out of date definitions is useless.

DEFEND: Keeping virus-free

Avoid using Microsoft products
This includes Microsoft Windows, Microsoft Outlook, Microsoft Outlook Express, Microsoft Office or any component thereof. Avoid using documents created by any of these packages such as .doc (Microsoft Word documents) and .xls (Microsoft Excel documents), as they are notorious for containing, transmiting and activating viruses.

This may not be an option for some. The next is to ensure that your Microsoft system has no contact with the internet if possible. Keep it behind a firewall [?] (a piece of software or hardware that acts like a protective buffer between you and the internet.)

Use a good anti-virus program, and update its definitions (the list that tells the anti-virus program what to look for and how to fix it) on a daily basis.

Staying virus free also means being careful about where you go on the Internet and keeping your security settings in the medium to high range.

To be on the safe side, it is better to not download any email attachments unless you are expecting it, and have confirmed that it is indeed from the sender. Antivirus software is pretty good, but it isn’t infallible.

DISCUSS: An additional approach

The technical details have been well discussed. There’s is another very important dimension to keeping yourself virus free. People.

It is people who run and maintain the computers that interact with yours to create a network. People write viruses. People write anti-viral software. People report new viruses. Point this article or one like it to a friend. Inlcude a pointer in your email signature. Discuss it with someone who is more skilled with computers than yourself. Discuss it with someone who is less skilled.

If you’ve receieved a virus from someone, Share it gently. It may not have come from them as the FROM line is often faked. Change the subject line. (Remove any attachments!) It may not have come from them, but ask them to send a pointer this article to everyone on their email list. In other words, reverse-trace the path of the virus with knowledge. The network of machines is reflective of the network of people. Let’s use it to inform, educate and help each user gain greater immunity to computer viruses. Remember that if you stop one single virus, you may be preventing 1000 other people from getting it. Your action might have an incredible impact on the network. What if Typhoid Mary had never passed on her bug?

Keeping the net safe, one person at a time

Imagine this: A friend or business partner tells you the following story. "I had a meeting with my most important clients to propose a deal that could bring me enough money to change my life, and that of everyone in the company. Everyone worked on the proposal for weeks, every fact checked, every detail sweated. The next day, when it was time to print out our incredible piece of work, I tried to open the document. It wouldn’t open. The meeting is in 4 hours, and the document is gone. Weeks of work for the most critical proposal of our careers, and it's been destroyed by a virus. We lost everything.

Now imagine discovering that the virus was sent from your machine.

Let your machine be the very last machine that a virus ever sees.
Eradicate and Eliminate: it's the thing to do! We've mentionned the signs, steps to take and the precautions to take. We’ve mentionned discussing virus prevention with others. When you’ve received a virus (that your anti-virus software has eliminated, because your definitions are up-to-date, aren’t they?), please respond to the sender of the email informing them of it. Urge them to read this article, or one like it, and to take action. If every computer is the last one a virus sees, only a very few will ever see it. That adds up to the Internet having “a strong immune system”. The safer you keep your neighbour, the safer they can keep you. I urge you to take action. Create a standard form-response [example]. Include a call to action in your email signature. [example]

The biggest vulnerability: some eye opening realities

“Microsoft has built in the ideal virus transmission mechanism into the operating system”
-Gartner Group analyst John Pescatore

For the most part, any Microsoft system is a virus’ petri dish of choice. The latest rounds (going back to Melissa and “ILOVEYOU”) are simple little Visual Basic scripts [?]; They are written in a language that Microsoft designed to make programs “talk” to each other. Outlook, Outlook Express and Microsoft Office are all programs that use this system. The latest viruses count on this fact. This systems allows even moderately skilled children to create the virus that could take your machine down.

The biggest reason the Microsoft Windows is the greatest breeding ground for viruses is it’s ubiquity. The dominance of Microsoft systems, refered to by some as “Monoculture”, makes it worthwhile for virus writers; it gets the biggest bang for their buck. With each strength comes a penalty. At the time of writing, Symantec’s website claims to be able to detect 61055 different viruses, trojans or worms.

Microsoft primary market is the user who is typically more interested in ease-of-use and less inclined to have very in-depth knowledge of the operating system. In short: They trust Microsoft to protect them from their own lack of knowledge. Unfortunately, this trust is misplaced. Microsoft is well known for creating products that are highly vulnerable to viruses and security breaches. Remember: Microsoft’s priority is not to create excellent software, nor to even ensure that the user’s data is safe. Microsoft’s priority is to make money. Simple observation will demonstrate that over-promising “Just good enough” as “The Greatest Thing Since Sliced Bread” then backing off with clumsy solutions is the Microsoft way. Unfair? Perhaps, but It’s an unfortunate reality that we currently live with.

High budget Microsoft marketing has created a powerful illusion over the years that people take it for granted that “Windows is my computer”. It isn’t. Some may be surprised at discovering that there is a large choice of operating systems. It is simply a product like any other, and deserves honest evaluation and decisions in light of a simple goal: that of keeping our own and other’s data safe.

Once you’ve done reading this article, if you would like more detail, I highly recommend the following article: Computer virus prevention: a primer

More resources on the net

Sophos Virus Info. Sells anti-virus software. Has excellent research material.
http://www.sophos.com/virusinfo/

Symantec Security Response. Sames as above. Sells anti-virus software. Has equally excellent research material as well as security related materials.
http://securityresponse.symantec.com/

F-SecureInformation Center
http://www.datafellows.fi/news/vir-news/

McAfee’s Virus Info Library
http://www.mcafee.com/support/techdocs/vinfo/index.html

The AVP Virus Encyclopedia
http://www.metro.ch/avpve/

The A-Z Antivirus Page
http://antivirus.miningco.com/compute/software/antivirus/

The Hitchhikers AntiViral Resources
http://www.hitchhikers.net/av.shtml

More questions?

Virus Help Discussion List
http://www.hackfix.org/list_virushelp.html

Filed under: Uncategorized No Comments