Archive for January, 2009

In just a matter of a few days in office President Obama is approaching the matter of Muslim extremists in a way that the Bush administration never tried. He is reaching out to the people. In his very first television interview since being sworn in as President he reaches out to the average Muslim on the Arabic satellite TV network Al-Arabiya which is based in Dubai. Instead of simply talking to government officials he is speaking to the common man, something that hasn’t been done before. I think it is a step ahead to engage the people of the Middle East and the Muslim world. This could go further in the war on terror than guns alone. I think we should let them know that there can be no better friend or worse enemy than the United States. He touched on it a little in his inauguration speech but this goes further and is in their language. He even goes on to talk of him spending time as a child in Indonesia, the Muslim worlds most populous nation, while his mother studied there. That speaks to the commoner that he at least understands some of their world. He points out that he has relatives that are Muslim. Things they can understand. The Arab world is actually two worlds. One in which the people live in, that is a world overwhelmingly poor, under-educated, under-served lacking the freedom of choice and the basic civil liberties denying them, as a result, their dignity as human beings. The other is the happy go lucky world of the elite who may as well live on a foreign planet the conditions are so apart. They are the ones like the Shah of Iran, who we kept up because he was friendly toward us and our eavesdropping on the Soviets from Iran, that oppressed the people with our blessings. Now he is speaking out directly to the Muslim world telling them that we intend them no ill will. Maybe an outstretched hand will be met with a more favorable view than a boot heal of oppression. I see from reading on the english page of Al Arabiya News Channel that they hold optimism also.

After all of the pomp and ceremony of the inauguration was over President Obama went straight to work. It was an emotional thing to watch with so many Americans coming out on such a cold day to see it and experience the events of the day. It made me wish I had been able to go but there is no way I could have survived the day out in the cold like that or standing that long. Obama hit the ground running and one of his first acts was good news for the wolves of the mainland United States. As one of his first things in office President Obama halted plans to allow hunting of wolves until more studies can be done. Wildlife conservationists say the freeze will delay and possibly prevent the removal of gray wolves from the federal endangered species list in Montana, Idaho, Minnesota, Wisconsin and Michigan, and also in portions of Washington, Oregon, Utah, North Dakota, South Dakota, Iowa, Illinois, Indiana, and Ohio. The pause will afford President Obama and his new Secretary of the Interior Ken Salazar the opportunity to rethink the previous administrations efforts to remove wolves from the endangered species list. I haven’t heard yet how the wolves of Alaska will fare under this but hopefully this will put an end to bounties and aerial killings of our wolves. I can not call that hunting as it is far from a real hunt.It is shooting fish in a barrel type of hunt as they have no chance at all of fleeing. On Jan 14th the Bush administration announced that the Northern Rockies Gray Wolf would be taken off the endangered species list, but this wipes that out. Michael Robinson of the Center for Biological Diversity says,”Rather than remove protections from wolves in a piecemeal fashion, in the isolated locations where they have finally begun to recover from past persecution, the Obama administration should develop and implement a national gray-wolf recovery plan that will ensure the survival of these magnificent animals.” This is great news and should be applauded.

A new method of phishing attack is starting to rear its head up to try and gain sensitive information from unsuspecting users. This new method goes back to the warning I have given out for years now. Do not have a sensitive page (ie, your bank, paypal..etc) open while browsing. What this new threat does is it will attack a vulnerable website and injects a javascript code into the site. When you visit the now infected site and have a window open to your bank it causes a popup to come up that tells you that your session has timed out and you need to relog in. Make sure you log out of sensitive sites before browsing. If you have a website make sure you are secure and check for any changes in coding. That is what happened to this site and some others I am hosting. It wasn’t a threat to capture your information but we did get attacked by the yahoo counter script. The first things we noticed was the fact that our rss feeds were broken. Then doing a source search we found yahoo counter starts at the bottom of the page before the closing body tags. I do not know what the exact code is that this one places into websites but will attempt to find it. I feel as a responsible website owner I should try to stay on top of the situation and even moved my sites to a more secure server.

Here is what Trusteer.com explains about the sophisticated attacks:

“An in-session phishing attack occurs while the victim is logged onto an online banking application and therefore is much more likely to succeed. A typical attack scenario would occur as follows. A user logs onto their online banking application to perform some tasks. Leaving this browser window open, the user then navigates to other websites. A short time later a popup appears, allegedly from the banking website, which asks the user to retype their username and password because the session has expired, or complete a customer satisfaction survey, or participate in a promotion, etc. Since the user had recently logged onto the banking website, he/she will likely not suspect this popup is fraudulent and thus provide the requested details.”

To protect themselves from in-session phishing attacks, Trusteer recommends that users:
1. Deploy web browser security tools
2. Always log out of banking and other sensitive online applications and accounts before navigating
to other websites
3. Be extremely suspicious of pop ups that appear in a web session if you have not clicked a hyperlink

We are in the final leg of a long and arduous journey. One that feels much longer than it really was. It is only days away that Obama will be sworn in and Bush will leave the White House forever. What havoc the last 8 years have been for the country. When Clinton left office we had a budget surplus and were on track to be totally debt free by 2009. Well that is shot to hell. We are now so deep in the hole our grandchildren will be paying for our debts years from now. Excitement mounts amongst the country knowing that soon Bush will be a private citizen again and not in charge of anything more than cutting brush at his Crawford home in Texas. Tonight Bush is supposed to be getting time from the networks to tell us all goodbye. Myself I am glad to hear it though I don’t care to hear his track record repeated, especially with his spin on it. For myself I say bye bye Bush, the only thing that could be better than this would be if I could pinch myself awake and it be November 2000 again and Gore had just won the election.

Yesterday was a milestone for me. A whole year without smoking anything whatsoever. On that day last year I never thought I would be this far along a year later. I was only trying to see how long I could go without smoking that first cigarette of the day. I never even thought I would make it through the day much less a whole year. And nothing else as a surrogate either. I had gone long periods without a cigarette before. Including a twenty year period of no cigarettes, but that was just no cigarettes. It did not count the fact that I would smoke cigars and marijuana like it was going out of style. Even a pipe on occasion. I still have a very nice pipe my son made for me out of a deer antler. I have it as well as most of my lighters if I can find them. Plus for some reason I still carry a bic lighter in my pocket. I have used it a few times to light others cigarettes for them as well as a few fires so it has lasted over a year now.
If you are trying to get the nicotine monkey off your back I offer words of encouragement as it can be done without pulling all your hair out. It is best to take it minute by minute day by day. do not look too far into the future with it as nicotine is seriously addictive and hard to kick. It may not work for you but I quit with an open pack in my pocket and a carton in the freezer. The way I feel about it is, if you can only go without a cigarette because you are out, means that as soon as you have the opportunity to get more you will go right back to smoking. You have to be ready to quit and convince yourself that you can do without that cig. I would reach for one then change my mind. I carried them in my pocket for at least a week before I quit carrying them and I still have a pack in my fanny pack where the cell phone would go. If I were to try smoking them I bet they would be rough and dry from being so old. They haven’t been opened and I have no intention of opening them but I found them in a fishing shirt and I hung onto them instead of throwing them out. Another test for me. So far I am holding firm. Even though at times I still get the urge to reach for a smoke. Makes me wonder sometimes why I ever quit, but I feel better and breath better and no longer have that cigarette stink about me. I can smell cigarettes on others and if they get close their breath smells worse than a chimney. Actually some chimneys might smell better as wood smoke has a sweet smell to it for the most part.
So don’t give up and sell yourself short. Cigarettes can be beaten with a little effort. So hold firm and put off reaching for the next smoke. I know you can do it. It is just hard to do is all. But it can be done so do not give up.

I’ve been busy yet again moving things on servers. I was not happy with the one I first intended to move everything onto when I found out that you can not have folders or files with write permissions (666,or 777). That and the fact that I still have not gotten all the releases for my other domains to move and remove the yahoo counter script from them as I migrate servers. I did find 9 instances where we had missed getting it all off the server and therefore out of the files. A couple of readme.html files and7 places where the entire code was not removed. Thank goodness for TextCrawler it has been a life saver. This script, that begins; “Yahoo! Counter starts” is either placed into js,htm, html or shtml pages that I have found so far. It is more complex code that is placed into php pages but it then generates the same code that can be found by viewing the pages source code. I tried in my last post to insert an image of the code, but that fails to give you a good idea of what to look for when removing it from your site. I am reluctant to post it online but will gladly share it with anyone who needs help and asks for it. The code is rather lengthy also so to place it into a post would lose you my readers. I tend to get lost in that much code myself. One of the easiest ways to remove it is to copy the entire text into TextCrawler. Then use a comment something like this and replace the code. This will work for all your web pages and takes only a few minutes. If you do not have that many infected pages you might wish to open them up individually and remove the code from each of them. But if you have something like a gallery I had been testing that ended up with over 3000 files infected I doubt you want to fix each file. I am not even going to replace them I am going to drop them when I move everything else. You can not even delete folders full of the infected files off your webserver as they are chmodded to 444 and the ownership is changed from your account to HTTPD. Without fixing that the only recourse is to delete them individually then replace them. A lot of work that my soon to be completely former host IX Webhosting will not help with or even acknowledge is their fault. You can get them to change ownership and even chmod the files back to 755 but if you do not get it fixed right away it will change back. Even if you do get everything fixed back but leave it on their server it puts the bad code back into your pages, or at least it did mine that way. If you need any help, or just want to vent over IX’s lack of help shoot me a line or comment. I’ll help what I can.