• Die Spammers

    Do you have your own blog?  Is it full of spam?  Are you sure?

    A while back a friend of mine asked me a question about her blog.  Everything looked normal in every newsreader except for Google Reader.  In Google Reader every post appeared to be nothing but pharmacy spam.

    I looked for the spam in view source, I downloaded the feed and checked it, I even crawled through the PHP code looking for a clue.  Everything looked perfectly normal.  It wasn’t until I started digging through the database, that I discovered what was happening.

    Somehow, the spammers replaced two plugins on her site with their own malicious plugins.  These new plugins changed the contents of each post based on the referrer.  That’s why spam only showed up when viewed by Google.

    The clue was in the “wp_options” table in a field called “active_plugins”.  I noticed a couple of plugins that started with a dot.  For example, instead of “akismet/akismet.php”, the name was more like “akismet/.akismet.php”.

    In Unix, file names that begin with a dot are hidden by default.  The initial dot is so subtle that most people won’t even notice it in the database.  Especially since there’s lots of other information in that field.

    Discovery

    Here’s a simple way to check your site for this kind of spam.  You can restrict a Google search to a single site by adding “site:domain” to your query.  For example, to search for the word Vaigra on my site try something like this:

    viagra site:anthonylewis.com
    

    This should only show one result for my site - this page.   Put your domain name in place of “anthonylewis.com” to see the results for your site.  If you get lots of results, then you have a problem.

    Removal

    The first thing I did to remove the spam was change all of her passwords - WordPress, Database, and FTP.  We used much more secure passwords.  I have another post in the works that addresses secure passwords.

    Next, I made sure she was running the latest version of WordPress.  Updating WordPress is getting easier all the time.  It’s always been a simple 2-3 step process, but now it’s almost automatic.

    Finally, I removed the plugin files with the initial dots and cleared the “option_value” from the database for “active_plugins”.  This disables all of the plugins.  Don’t forget to enable the ones you really need.

    Aftermath

    Unfortunately, the spam on her site still shows up in Google’s cache.  It’s been over a week now.  I’m not sure how long Google keeps pages in their cache, but this should go away soon.

    One option I would recommend if you’re having a problem with stale data in Google’s cache is the Google XML Sitemaps plugin.  This plugin maintains an XML file that lets Google know where to find things on your site and when they were last updated.

    Help

    Let me know if you’re having this problem.  I have a lot of experience working with WordPress and I would love to help you out.  My contact information is at the bottom of this page.

    I provide advice and guidance for free.  If you’d rather I log on to your site and completely remove this mess, I’ll do that for a small fee.

  • Why Facebook Will Fail

    Everyday I log in to Facebook to see what my friends are up to.  It’s a great way to keep up with my old friends who are now 300 miles away.  Even with all of it’s current popularity, I feel like it will fade away in time.  Here are my reasons.

    The Platform Was A Mistake

    Thanks to the Facebook Platform, there’s always a new silly quiz to take or some other application wanting my attention.  I mostly ignore those things, but sometimes I give in.

    This is where the problems start.  It’s not enough to just take the quiz, the quiz also wants you to invite all of your friends to take it, too.  Also, by taking the quiz, you have to agree to give the program access to all of your information on Facebook.

    This has always struck me as a little odd.  I usually spend as much brainpower trying to make sure that this program doesn’t e-mail everyone on my friends list as I do actually taking the quiz.

    Facebook Quiz

    I believe a social network should be centered on the people involved.  They’re the reason the site exists.  The applications are just a distraction to get people to spend more time looking at the ads.

    It’s a Walled Garden

    Facebook released their API partly in response to my second criticism.  It’s closed.  There’s no way to share things on Facebook with other people, unless they’re also members.

    What if I want to share my pictures and status updates with everyone?  This isn’t possible with Facebook, yet sites like Flickr and Twitter make it easy.  Also, what if I want to export my data from Facebook?

    The Platform could easily be used to create applications to make sharing easier, but it’s against the terms of service.  Facebook recently shut down an application that made your data available as an RSS feed citing privacy concerns.

    This is kind of a double-edged sword.  I think one of the initial reasons for Facebook’s rise to popularity was the fact that it was initially only available to college students.  It was like a private club.  Obviously, that made outsiders want in even more.

    Now that the site is available to all, there should be a way to make the data more readily available.

    It’s Nothing New

    Like I mentioned earlier, there are many other ways to share your information online.  Facebook is nice if you didn’t already have a blog or some other means of sharing your thoughts and pictures online.

    Facebook does make it easier to keep up with friends, but it’s not rocket science.  A group of tech-savvy friends could just as easily set up a blog for each person, then subscribe to all of their RSS feeds.

    For me, it seems like just another inbox sometimes.  Why should someone send me a message through Facebook, when they could just e-mail me?

    I’ve also starting using the Twitter application so that my Twitter updates also update my status on Facebook.  If there was an application to make my friends status show up as a feed, I would probably never visit Facebook.

    Thanks to the fact that the site is fueled by advertising, that’s never going to happen.

  • Blog Posts I'm Tired of Reading

    I read quite a few different blogs.  I feel like I should since I sometimes write one.  I read mostly about programming and other technical things.  I probably spend 10-15 minutes per day skimming the headlines in Google Reader, looking for interesting articles.

    It’s nice to have a few things to read while I’m waiting for a script to run or eating lunch.  Unfortunately, there are certain types of posts that seem to reappear regularly.  These are a few of the posts that I’m tired of reading:

    How To Make Money Blogging

    I know that some people make their living as a blogger, and I think that’s great, but I’m tired of reading about it.  What I really can’t stand are people who make money by writing a blog about how to make money blogging.

    I’ve fallen into this trap myself in the past.  I created a few different blogs with Google and Amazon ads.  I even made a little money doing this, but it’s not something I can maintain for any length of time.

    Blogs with lots of ads (especially ads that pop up on words inside the posts) make me a little uncomfortable.  Like I said, I still have a few blogs with ads on them, but I don’t really feel good about it.

    If I never see another post about link baiting, SEO, or how to get on the front page of Digg again, it’ll be too soon.

    Arguments About Nothing

    For some people, everything is a religion.  There is no gray area, everything is black and white.  You’re either with us or you’re against us.  Windows vs. Mac, Emacs vs. Vi, Windows vs. Linux, Ruby vs. Python, the list goes on forever.

    Use the right tool for the job and get on with your life.  Just because I use a Mac at home doesn’t mean I’m an idiot.  I use a Windows PC at work, and that doesn’t mean I don’t like Macs.

    The worst are posts written by people who don’t really even know what they’re talking about.  For example:

    “You should use a Mac since Windows computers always get viruses.”  I’ve never had a virus on any of the Windows PCs I’ve used.  Am I just lucky?

    “Macs are overpriced, you can get a PC with the same hardware for a lot less.”  I look at a lot more than hardware specs when I buy a computer.  What about the operating system, the applications, the community, the build quality, the design?

    I will never understand why some people spend every day of their life trying to convince other anonymous internet users that their way is the only way.  What a waste of time and effort.

    Personal Attacks

    To me, this is about the lowest thing you could possibly write about online.  Yet I still see these kinds of posts on blogs.

    I can’t even imagine a situation that would cause me to try to belittle someone else online.  What can a post like this possibly accomplish? If you don’t agree with someone, why not just ignore them?

    Maybe it has something to do with television.  Some people aren’t happy unless there’s drama in their life.  I guess it’s nice when people comment on the post and agree with your assessment of the other person.

    Just like the endless debates I mentioned earlier, I’ve never seen anything positive come from a personal attack of someone online.  I don’t ever remember a time when a victim of one of these posts said “You know what, you’re right.  I’ll change my ways.”

    That’s Enough For Now

    I think I’ll stop here.  I’m not really sure what the point of this post was.  I don’t imagine it will change what other people write about, but it can’t hurt to try.

    Maybe later I’ll talk about the kinds of posts that I enjoy reading.  In the mean time, what are some posts that you’re tired of reading?

  • Unblocking Attachments in Outlook

    Microsoft Outlook is the mail client we all love to hate.  My personal favorite feature is the way it handles attachments.  If you’ve used Outlook very much, I’m sure you’ve seen this message:

    blocked-att

    Here Microsoft is protecting you from itself by blocking an Access database attachment.  The attachment is still there, you just can’t get to it.  Very frustrating.

    The recommended solution is to use a program like WinZip to compress the file before you e-mail it.  You can also just change the extension since Outlook doesn’t actually check to see what kind of file it attached.  Both of these can be a hassle for the sender, so I started looking or a better solution.

    Google To The Rescue

    Spend a little time researching this problem and you’ll see that there is a lot of information online about how to get around this message.  I was able to solve the problem, but it involved using information from several different sites.  This is my attempt at putting all of the information together into a series of easy steps.

    Check The Mode

    First, you need to find out what Security Mode access is using.  To do that, click Help, About Microsoft Office Outlook on the menu.   You should see a screen like this:

    sec-mode-def

    This means I’m currently using the “Default” Security Mode.  The other options are “User Controlled” and “Administrator Controlled”.  If yours says “Default” or “User Controlled” you can follow my steps and unblock attachments.

    If you’re in “Administrator Controlled” security mode, then you’ll need to talk to your e-mail administrator.  If anyone really wants to know, I can also tell you how to get around “Administrator Controlled” mode, but that’s a post for another day.

    Now click OK to close the “About” window and exit from Outlook.

    Edit The Registry

    The next few steps involve editing the registry.  Be very careful when you do these steps.  It’s pretty easy to break Windows by changing the wrong settings in the registry.  If you break it, you get to keep both pieces.  I won’t be able to help you unless you’re willing to bring your computer to my house.

    Click Start, then Run.  Type regedit and click OK

    Drill down in the registry to this key:

    HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Outlook\Security
    

    Once you get there, right-click on Security and click New, String Value.

    Type in Level1Remove for the name, then double-click Level1Remove to edit the value.  This value is a list of extensions you want to unblock separated by semicolons.  For this example, you can type .mdb  It should look something like this:

    reg-key

    Click OK to save the value, then close the Registry Editor and reopen Outlook.

    Success

    If you added the registry key in the right place, Outlook should now be in the “User Controlled” security mode.  Also, you should see something like this when you open an e-mail with an Access database attached:

    unblocked-att

    Now you can add any other file extensions that you don’t want to block to the same key in the registry.  Just be sure to separate each one with a semicolon and include the dot before the extension.

    Leave a comment below if you have any trouble and I’ll try to help you out.

  • How I Write

    That post from last week is one of the most boring things I’ve ever written.  I used every trick I knew to make it interesting, but I couldn’t make it work.  After messing with it for about half an hour, I gave up and clicked Publish.

    There was a time when I would have deleted it without a second thought, but this was a story I wanted to share and I thought it might be an interesting experiment.  One positive side effect of this was I started seriously looking at how I write.

    Voice

    I try to write how I speak.  Denise gave me a great compliment the other day when she left the comment “It’s so good to hear your voice again.”  That’s exactly what I’m trying to do.

    As I write, I try to hear the words in my head.  If a sentence or phrase doesn’t sound natural, I go back and rewrite it immediately.  In some cases I rewrite parts of a sentence several times until I end up with something completely different.

    I also sometimes write posts entirely in my head.  If there’s a topic that I just have to write about, I will have most of it written before I ever touch the keyboard.  An example of this would be my Continuous Improvement post from while back.

    Writing

    I am a fast typist.  At one time I could probably think as fast as I type, but I don’t think that’s true anymore.  I’m sure it’s just old age catching up with me.

    I guess that’s why I tend to type a lot more words than are actually needed to express what I’m trying to say.  My first drafts are filled with adjectives and adverbs that never make it to the finished product.

    This might also go back to the days in high school when papers were graded on content as well as length.  It’s almost like we were being taught that it takes a lot of words to make a point.

    Editing

    I make quite a few changes while I write, but once I have a complete first draft I really start editing.  I spend at least as much time deleting, cutting, and pasting as I did writing.  Most of those extra words I mentioned earlier disappear at this point.

    I also look for words that don’t add anything to a sentence like “really” and “just”.  For example, a sentence like “I really want to just write.” becomes “I want to write.”

    While I’m editing I also like to preview how the post will look on the page.  That way I can quickly spot paragraphs that seem too long.  At this point sentences and paragraphs get moved around.  Sometimes entire paragraphs disappear.

    Done

    Once a post sounds like me, doesn’t contain too many extra words, and flows well on the page I click publish and see what everyone else thinks about it.

  • So, What Do You Do?

    One of my favorite scenes from Office Space is when Peter is explaining to the consultants what he does in a typical day.  My day isn’t quite as funny, but I thought some people might find it interesting.  So, here is a day in the life of a security analyst.

    I arrived at work around 7:00 AM this morning and looked over the e-mail in our project mailbox to see if there was anything urgent.  There was not much going on, so I finished my coffee while looking over headlines in Google Reader.  Moments of peace are pretty rare.

    A little before 8:00 AM, one of the developers stopped by to talk about a scheduled task that was set to run on one of the servers.  This task failed after the last upgrade and he was confirming that it was fixed.  We also spent some time looking at the differences between the test server and production server.

    Around 9:30 AM, I had a meeting with two auditors.  They are working on an audit of user accounts on a few servers.  We went over a few spreadsheets that I had provided them earlier and discussed all of the accounts.   Thankfully, this only took about 45 minutes.

    Next, I helped troubleshoot a problem on one of the servers that was running slow.  One of the volumes was filling up so three hard drives were added to the RAID array last weekend.  Unfortunately, someone added Ultra3 SCSI drives instead of Ultra-320 SCSI drives.  Ultra3 drives run half as fast as Ultra-320.

    I also completed an access request and replied to a question about remote access before lunch.  I usually go for a walk during my lunch hour, at least around the building.   Today I just walked down to the cafeteria and grabbed a Snapple to go with my microwave meal before getting back to work.

    Last week we received the results from a penetration test that was performed on our network.  I’ve been working in my spare time to come up with a solution to an SQL Injection vulnerability that was discovered in one of our old web applications.

    This isn’t really part of my job, but I volunteered to take a look at it since the application isn’t being actively maintained right now.  I finished up my solution, tested it, and e-mailed a developer to see about getting it implemented around 12:30 PM.

    From 1:30 PM until 2:30 PM I attended a staff meeting downstairs.  There are 10 people in my group and we get together once a week to talk about what we’re working on.  The meetings are always informal.  Today’s meeting was a little dry since we talked about the budget, but it wasn’t bad.

    As the day winds down, I look over my Inbox to make sure I’m not falling behind on any projects.  There are only 4 messages in my box right now, so this doesn’t take long.  Two of these are about training that I need to look at and the other two are concerning ongoing projects.

    This was actually a really slow day for e-mail.  I only received 10 and sent 5.  Yesterday I sent 50 messages.  We all take turns covering our project mailbox one day a week.  Yesterday was my day.

    Now it’s 4:00 PM, which means quitting time for me…

  • Be Yourself

    Looking back at my last few posts, I’m afraid someone might get the wrong idea about my job at the school district.  I just want to make it clear that I had a great job.  I had the nicest coworkers anyone could ask for.  The work environment was wonderful.

    I know what you’re thinking.  I said before that I was “miserable.”  That’s true.  I was.  But not because the job was bad.  It was just not the right job for me.

    You see, I’m a geek.  I’m not afraid to admit it.  Look under my name at the top of the screen.  I’m good at figuring things out and solving problems.  If it has a processor, I can probably make it work. I’m also rather social.  I enjoy talking to other geeks and sharing what I know.

    When I started at the school district, this was exactly what I was doing.  I was constantly learning about new technology and sharing this knowledge with the people around me.  I think I even had a hand in turning some non-geeks into geeks.  You’re welcome.

    But by the time I left my job, that had all changed.  I felt like I was buried under a mountain of e-mail, voice mail, and paperwork.  I was spending too much time at my desk and not enough time out in the trenches doing the work.  I was responding to complaints and putting out fires instead of figuring out ways to make things better.

    And this leads me to the title of this post.   Be Yourself.  This is probably the best advice I could give anyone.  It applies universally - in your job, in relationships, everywhere.  Just be yourself. If you have to force yourself to be something that you’re not, you won’t be happy in the long run.

    For some reason, this was a hard lesson for me to learn.

    I think I probably knew from day one that the job was not right for me, but I kept thinking that if I stuck it out for a while I could make it work.  The pay was nice, and that made it easier to convince myself to stay.

    I also think everyone else could see that I wasn’t happy.  I remember one day someone walked by the door of my office and said “Tony, why don’t you smile anymore?”  I didn’t know what to say.  I’m sure I said something like “Too much work to do.”

    When I told my boss that I was leaving, I said “You know I’m not the right person for this job.” and I think he understood what I meant.  He certainly didn’t argue with me.  I feel like I did a good job while I was there.  I know I did my best.  But no amount of work was ever going to turn me into something that I’m not.

  • Welcome Home

    After we closed on our house, we couldn’t wait to go see it.  Our apartment was small and noisy, and we wanted to move as soon as possible.  As soon as we walked in, we found out that the dining room was flooded.

    The house had been “winterized” while it was vacant.  Basically, someone turned off the utilities and drained the hot water heater.  We had to pay to have it de-winterized before it could be inspected.  A few days later it was winterized again.

    The bank insisted that the house be winterized to avoid damage in case any pipes froze.   They also insisted the utilities be transferred into our name before closing.  Unfortunately, the people who winterized the house the second time didn’t close the valve on the hot water heater after they drained it.

    So, when  the water was turned on earlier that day, it went straight through the hot water heater and out onto the floor.  Luckily the guy from the city noticed that the meter was spinning and turned the water off after a few minutes, but the damage was already done.

    We spent the first evening in our new house soaking up water with every towel we owned.  The next day, Paige called a company that pulled up the carpet, treated the walls, and setup fans.  A few days later they replaced the carpet pad and put the carpet back down.

    The bill for their services was about $800.  We talked to our agent and he talked to the bank’s agent.  The bank did nothing.  Our agent talked to a lawyer.  The lawyer said we should sue the bank, the company that winterized the house, and even the city.

    Guess what we did?

    Nothing.  That’s right, nothing.  We paid the bill and went on with our lives.  To me enjoying our new house was a lot more important than $800.  Suing everyone involved would only make the lawyers rich, and it would take months to resolve.  It just wasn’t worth it.

    I had honestly forgotten all about this until I wrote the post about us moving the other day.  I think too many people spend so much time focusing on the bad things that they miss the great things that are happening all around them.

    I believe that you can choose your attitude, and I choose to be happy every chance I get.

  • Always Writing

    It’s strange updating this website after it was stagnant for so long.  I had quite a few drafts sitting around concerning topics that seem irrelevant now.

    I deleted most of those today.  I’m sure it won’t be long until I have more half-finished posts sitting in the queue never to be seen, but that’s just the way it goes.

    Even when I wasn’t updating the site, I was still writing.  I just didn’t think that most of what I was writing was fit for public consumption.  Most of it was just me complaining about the state of things.  Here’s an excerpt:

    My car is filthy.  I park under a tree and birds crap on it all day.  There are no birds in my office, but I know how it feels…

    That’s the beginning of a rant that went on for two pages.  Who would want to read that?

    I guess some people might find it funny in a dark way. I try to put  a little humor in everything I write, even if I’m in a bad mood at the time.

    I feel like I’m in a better place now, both geographically and mentally, so expect more posts around here.  Also, I park in a garage now, so no more crap…

  • Continuous Improvement

    Some people probably think I’m crazy.  I’m always reading at least two books.  I research new things on the web daily.  I love to challenge myself both mentally and physically.  I have an endless thirst for knowledge.

    I still remember answering a series of questions offered by the professor in my Object Oriented Programming class while the rest of my peers sat with blank looks on their faces.  One of the other students asked me “So, do you go home and read C++ headers every night?”  I replied with a grin “Not every night.”

    I was hired by the school district in the spring of 1999 as a PC Tech.  I went around fixing people’s problems and installing upgrades.  The summer after I was hired, the district starting wiring all of the classrooms and installing servers on each campus.  It seemed natural for me to move up and take over the network.

    There was only one problem, I knew little about networking and nothing about servers.  So, I bought a stack of books about Windows NT and started reading.  I would work all morning, go home and read for an hour on my lunch break, then go back and work all afternoon.  I read every evening from the time I got home until I fell asleep.

    I tried to stay a few steps ahead of what I was working on.  I still remember trying to set up DHCP for the first time.  I had to bring one of my books to work and follow the steps as I set it up.  This made me a little uncomfortable because I wanted everyone to think I knew everything.  I made sure no one else saw me looking at the book while I worked.

    By the end of the summer I knew enough about networking to pass all six tests required to become a Microsoft Certified Systems Engineer.  That really made me happy because my boss had recently tried one of the tests and failed it.  There was also a pretty significant pay raise to go along with my new title.

    I was happy being the network manager for several years after that.  It seemed like there was always something new to learn about networking.  Once I felt like I had mastered Windows, I moved on to Linux.  I read everything I could get my hands on and even ran Linux on my home computer for over a year.

    I was also looking forward to the day my boss would retire and I would be promoted again.  He was already grooming me to take his place.  I was learning about the budget and E-Rate applications, and felt like I had a part in many of the “big” decisions.  It wasn’t as interesting as networking, but it was something new to learn.

    Finally, my boss retired and I was promoted to Director of Technology.  The day I had been looking forward to for years had finally arrived… and I was miserable.

    Instead of constantly learning new things, I felt like I was in an infinite loop of meetings and paperwork.  I spent most days staring at the dull walls of my office, talking on the phone, and responding to e-mail.

    I realized something else after my promotion – this was as far as I could go at the school district.  I would never be promoted above Director.  I didn’t have the qualifications for anything higher.   The thought of staying in the same place for the rest of my life scared me.

    So, after working for almost 10 years to finally reach my “dream” position, I started casually looking for a new job.

subscribe via RSS