Archive for the ‘Blogging’ Category

Got to get off my lazy backside and working on my blog again. Long with the usual resolutions like trying to lose weight and be more active in my eBay business I also intend to start posting regularly again. I’m able to use my phone now as I have installed WordPerfect on it and now post my comments and thoughts even while I’m away. Right now I haven’t even been paying attention to news or other events . So along with my resolution to start posting again I will also need to stay  informed of world events. Look for more post every day or two at the worst. Happy new year to all and to all a good bye.

I have been busy making changes to my web sites and my hosting services. I have updated my services and added more features and increased the service. That is my File-House Web Hosting that hosts my own sites, this one included. I first moved this site then had some problems with the data base and have been offline almost two days. I got some great help through my friends at Dragon Tree Studio. They are working on a new template for this site and the theme I am using is just a hint at what is coming. I hated the one I had and went to a rough draft instead as I like it much better. If you need help creating your very own theme based on your blog or pretty much any web site built or designed as well as graphic design. I highly recommend that you contact Dragon Tree Studio. . I know you will not be disappointed.

There are currently two versions of a bill in Congress that would protect a  journalist’s right to keep his or her sources confidential, effectively banning the government from forcing journalists to reveal whistleblowers. One version though–the House version–gives an incredibly stupid definition of journalist that excludes not only bloggers, but freelancers, independents, and nonprofit journalists as well. For the most part, the Senate and House agree on what a journalist’s duties are and what journalism are:

“the regular gathering, preparing, collecting, photography, recording, writing, editing, reporting, or publishing of news or information that concerns local, national, or international events or other matters of public interest for dissemination to the public.”


The house version though adds this to the description of a journalist:

“for a substantial portion of the person’s livelihood or for substantial financial gain and includes a supervisor, employer, parent, subsidiary, or affiliate of such covered person.”

This will eliminate freelance journalists (no boss) anyone who does it as a hobby or public service this includes most blogggers who are not paid. The government then has the right to force you to tell who told you anything that you might report about much like they tried to do with journalist Judy Miller under the Bush Administration.

A new method of phishing attack is starting to rear its head up to try and gain sensitive information from unsuspecting users. This new method goes back to the warning I have given out for years now. Do not have a sensitive page (ie, your bank, paypal..etc) open while browsing. What this new threat does is it will attack a vulnerable website and injects a javascript code into the site. When you visit the now infected site and have a window open to your bank it causes a popup to come up that tells you that your session has timed out and you need to relog in. Make sure you log out of sensitive sites before browsing. If you have a website make sure you are secure and check for any changes in coding. That is what happened to this site and some others I am hosting. It wasn’t a threat to capture your information but we did get attacked by the yahoo counter script. The first things we noticed was the fact that our rss feeds were broken. Then doing a source search we found yahoo counter starts at the bottom of the page before the closing body tags. I do not know what the exact code is that this one places into websites but will attempt to find it. I feel as a responsible website owner I should try to stay on top of the situation and even moved my sites to a more secure server.

Here is what Trusteer.com explains about the sophisticated attacks:

“An in-session phishing attack occurs while the victim is logged onto an online banking application and therefore is much more likely to succeed. A typical attack scenario would occur as follows. A user logs onto their online banking application to perform some tasks. Leaving this browser window open, the user then navigates to other websites. A short time later a popup appears, allegedly from the banking website, which asks the user to retype their username and password because the session has expired, or complete a customer satisfaction survey, or participate in a promotion, etc. Since the user had recently logged onto the banking website, he/she will likely not suspect this popup is fraudulent and thus provide the requested details.”

To protect themselves from in-session phishing attacks, Trusteer recommends that users:
1. Deploy web browser security tools
2. Always log out of banking and other sensitive online applications and accounts before navigating
to other websites
3. Be extremely suspicious of pop ups that appear in a web session if you have not clicked a hyperlink

I’ve been busy yet again moving things on servers. I was not happy with the one I first intended to move everything onto when I found out that you can not have folders or files with write permissions (666,or 777). That and the fact that I still have not gotten all the releases for my other domains to move and remove the yahoo counter script from them as I migrate servers. I did find 9 instances where we had missed getting it all off the server and therefore out of the files. A couple of readme.html files and7 places where the entire code was not removed. Thank goodness for TextCrawler it has been a life saver. This script, that begins; “Yahoo! Counter starts” is either placed into js,htm, html or shtml pages that I have found so far. It is more complex code that is placed into php pages but it then generates the same code that can be found by viewing the pages source code. I tried in my last post to insert an image of the code, but that fails to give you a good idea of what to look for when removing it from your site. I am reluctant to post it online but will gladly share it with anyone who needs help and asks for it. The code is rather lengthy also so to place it into a post would lose you my readers. I tend to get lost in that much code myself. One of the easiest ways to remove it is to copy the entire text into TextCrawler. Then use a comment something like this and replace the code. This will work for all your web pages and takes only a few minutes. If you do not have that many infected pages you might wish to open them up individually and remove the code from each of them. But if you have something like a gallery I had been testing that ended up with over 3000 files infected I doubt you want to fix each file. I am not even going to replace them I am going to drop them when I move everything else. You can not even delete folders full of the infected files off your webserver as they are chmodded to 444 and the ownership is changed from your account to HTTPD. Without fixing that the only recourse is to delete them individually then replace them. A lot of work that my soon to be completely former host IX Webhosting will not help with or even acknowledge is their fault. You can get them to change ownership and even chmod the files back to 755 but if you do not get it fixed right away it will change back. Even if you do get everything fixed back but leave it on their server it puts the bad code back into your pages, or at least it did mine that way. If you need any help, or just want to vent over IX’s lack of help shoot me a line or comment. I’ll help what I can.

Our twenty ninth anniversary was on the 28th of December. We ended up staying at home just enjoying the day and never left the house though we probably should have gone on to church like I first had thought. It was in the exact same church we go to that 29 years earlier I had stood at the alter and said my “I do’s”. Then on our very first wedding anniversary she gave me a gift like no other. She gave me a son, so it is his birthday as well as our anniversary. I am so lucky to have found a woman who would stick by me even when I did not deserve it. I could never find anyone else like her and wouldn’t even consider trying. I would be totally lost without her. Hopefully I can stick around on this earth to make another twenty nine years with her.

I have been very busy the past week moving to a new server for my file-house.com hosting company. I ran into a snag with my old provider when they allowed a rather insidious script to be injected across all of my sites. It slips in and changes permissions on files. It masquerade itself as a yahoo counter but attacks all your files and will break your rss feeds. If it attacks your wordpress blog the easiest way to deal with it will be to delete everything and start anew. Make sure you save your wp-config.php files information but not the code. But if you have a custom theme you can’t do that and will need to crawl every  page with a text crawler like TextCrawler to search your files or you would be searching individually for days. Depending upon plugins you will have a couple hundred or so files that will be infected the code looks like this;

!--Yahoo! Counter

<!--Yahoo! Counter

This is not all of the code but if you need it just let me know and I will hook you up with a copy to use for searching your site with. So far all the php files have had one code and the html files have had the code that is generated into the webpages that starts “<!–Yahoo! Counter” without the ” marks. I have cleared this one and Brainfoggles and have a couple more to go so I can migrate to the new servers clean of infections.

I was watching NCIS last night as I usually do and just had a feeling that something wasn’t just right and popped online to see how my friends were doing. It must have been a psychic feeling cause sure enough my friend Connie over at Brain Foggles was having trouble with her new blog Conniesview. It had stopped displaying and was reporting an error instead of showing a page. We had this error ;
Parse error: parse error, unexpected ‘<' in /wp-includes/post-template.php on line 734
She of course was panicking so I jumped right on it. I host her blog and give her hands on support something we plan on being able to do for others who wish to blog but have no knowledge of being a web/blog master. A quick search showed it was being discussed on the message boards of wordpress support. The post-template.php file was only supposed to have 733 lines of code instead of the 734 it was reporting though in dreamweaver it showed about 6 lines or more of apparently undecipherable code. A quick ftp of the now fixed page had her up and running in no time. Everything was lovely once more, or so I thought until I checked this blog and it to was reporting the exact same error. wow quick fix or so I thought. After fixing the file I got another error in the comment mailer plugin, seeing as how I don’t use it anyhow I simply deleted it ,and once more the world is revolving and everything rosy again. If you have problems with yours or need some help maybe this will help you out. I did post the fix on wp support forums too in case you need to look.

I kept myself occupied pretty much of the morning by making a change in my sidebar. I wanted a double head over the left and right columns and had to work it out to get it to display correctly. Jenn over at Everyday Randomness pointed me in the right direction telling me that I needed to mod the sidebar.php page in my themes directory. Of course it was a little more involved than simply adding a few lines of text. I had to add a division to the page plus add a division to the style sheet also. Not too bad but I sure am glad I know how to cut and paste. Its easier to copy then mod some code rather than writing it from scratch. You can see the result of a few hours of off and on work by looking at my ad on the right. I have been hosting websites for friends for some time now and intend to expand hosting to blogs also. Let me know if I can help you, or any input you might have. Thanks.

A US Army intelligence report has identified the popular blogging tool Twitter as a potential terrorist tool. It along with GPS and possibly voice changing software are at the heart of this intelligence report. The report by the 304th Military Intelligence Battalion examines a number of mobile and web technologies and their potential uses by militants. The report is posted on the Federation of American Scientists (FAS) website. Parts of the report mention how activists at the Republican National Convention in Minneapolis used it to provide information on police movements and Twitter members got out the news of the earthquake in Los Angeles in July faster than news outlets. Now lets see what happens when they discover chat rooms and email.