Wednesday, June 12, 2013

Social Skills and Those That Lack Them

I admire those that have the knack for smooth social interaction, who can express themselves without resorting to crude and ugly phrases. I am rather less impressed by technical skills, perhaps because I have 'em. When I think about the people I like the most and the one I chose to spend my life with, it is clear that social skills are their foremost quality. Etiquette, sensitivity, insight, thoughtfulness--these qualities sometimes seem scarce in online discourse. Reading some people's messages, I wonder how they could possibly have good relations with anyone at all. My guess is that they probably don't.

I have been both moderator and admin and know what goes on and who goes into a forum. I do not envy moderators. Unless there is pay--adequate compensation--the better choice is to pass. The power, the glory? Eh, there's no glory, and power is only resented, whether used or not.

Nevertheless, online discourse has improved over the years. Back in the day, things were worse. Nowadays everybody has a computer of some kind. Computer use has become more democratized. Technical skills are not the filter, the prerequisite for participation in a forum. Thus, some forums, particularly those with wider appeal, are more representative of the human population, rather than being the exclusive province of geeks.

Tuesday, June 11, 2013

Copying Large Numbers of Files Over a Network in Linux

Linux and Window desktops are ill-suited to copying thousands or millions of files over a network. I don't know why. It's a weak spot in all desktop GUI's. I know that KDE's file manager, Dolphin, does nothing but spin its wheels when I try to copy much over a thousand files. I think KDE goes crazy just at the thought of so many files. You expect me to do all that work? For what you're paying me? Hmph! I have found that the easiest way to copy files over a network is to archive them into a single file and then copy that single file across.

Why Game of Thrones Repels

I watched the first two episodes of the first season of "Game of Thrones" again to understand why I hate it. The problem is the ugly spectacle of outrageous injustice, and good people that do wicked things merely to obey. When the good King's Hand murders, in cold blood, his son's loyal and beloved pet dog, which was innocent of all wrongdoing, that's when I turned against the show forever. Whoever wrote "Game of Thrones" did so while sitting on the throne and found inspiration from what he had dropped below. It is repulsive, cheap, gory drama for the sake of drama with no redeeming literary or cultural value whatsoever. The villains are pasty, weak cowards without a scrap of redeeming value, which is unrealistic, because how on earth could such specimens retain their position of power? They could not. Villains should be portrayed in a realistic light, not as the bucket into which all human evil and frailty are poured. I suppose I must now view Game of Thrones in the proper light, as well-done, big-budget soft-core porn and nothing else, because it is nothing else.

I will tell you a good show: Vikings. It is ten times better by any measure one would care to apply, and it is realistic and historically accurate--extremely so by film standards, regardless of the quibbles of academics. Another great show is Tudors, which I have watched twice and intend to watch again one day.

Working Dreams

I dreamed I was in a classroom, sitting at a desk, which was true for about twenty years of my life. Behind me sat my new boss, an older man, although this didn't make sense because there's no boss in a classroom setting, but there he was, a superior officer in our organization. He asked for the cards that I had brought from home. These, he said, must be kept for safekeeping. I was set against that, but he insisted. I gave them to him only with the greatest reluctance. I felt sadness, then anger. Then I reflected that the cards I brought from home could not possibly matter to him at all. He was only doing this to press my buttons. He was trying to provoke me, to see what I would do, to test me. Someone had spoken against me, someone had put him up to this. This revelation, this insight into the truth of the matter, filled me with calmness. I could not be angry or sad, because negative emotions were what the enemy wanted me to feel. I must be strong, superior to them. I said, "You think that I'm arrogant. If I were arrogant, I'd be suffering. But I'm not." And it was true. He studied me for a moment, nodded and said, "You may have the cards back." They were in a safe by his desk, which I opened to retrieve my cards. What was on the cards? I don't know. All of this is abstract. I don't know who the boss was--didn't recognize him. Don't know what company I was working for or why I was in a classroom. The dream seemed to revolve around arrogance and whether it will defeat me, whether it has defeated me before.

My second dream, I was invited back to my old company to work on something. I can't remember whether I have done that before. I will have to ask my partner. I have had many dreams where my old company invites me back to work on something just for a week or two as a temporary employee. I do my work, earn about a grand or two and then leave again. I had this scrap of paper in my hand with scrawled handwriting telling me what I needed to get done. I thought I understood it--simple enough, same stuff I used to work on back in the day. When I walked in, some people were surprised to see me, and I spent the morning in introductions and hellos and chit-chat of no very great consequence, such as I had observed many a time. My old working buddy came up to have me work on something she needed. I miss her. She was pleased, amazed to find that I remembered so much and could do some of the things that I used to do before. But then a qualm upset me. I felt that I may not have read the note in its entirety. I decided to review its contents once more. My suspicion was confirmed. On the back, which I had neglected to read, it said to call this number immediately and talk with so-and-so.

Monday, June 10, 2013

Wordpress Security Vs. Wordpress Search Ranking

Wordpress security is sometimes at loggerheads with a site's search ranking. There are many tricks and tips recommended by security wonks that will actually decrease a site search ranking, such as banning all hits to xmlrpc.php, or disallowing various paths in robots.txt. I've experimented over the last several days and learned what works and what is counter-productive. I do not believe it is wise to ban hits to xmlrpc.php, and I do not think web admins should second-guess Google when it comes to directing robots. Google knows what it is doing, for the most part, and additional rules make Google angry, in a manner of speaking. I watched my site plummet from #2 in search rankings for a particular term to #5 after adding a lot of rules to robots.txt. Needless to say, I yanked those rules right out!

There is such a thing as having enough or even too much security. With regular backups of the database and the files, I am not inclined to follow all of the recommendations set forth by Perishable Press, one of the few sites I regularly follow. I view Perishable's advice in the way of guidelines and educational material. The author has a knack for explaining technical issues without resorting to jargon, with a humorous style reminiscent of Stephen King--the American vernacular, gotta love it--and he offers excellent examples on .htaccess. He is my "go-to" site when I am confused about arcane .htaccess syntax, which is often, because .htaccess syntax is unintuitive. I use some of his security tips, but not all, because some cause problems. I am also concerned that perhaps other problems may be created that I cannot detect, problems that may become evident in the future after I add a new plug-in or there's a new update to Wordpress.

Perishable's .htaccess code is sometimes compressed in a way that makes it difficult to debug or understand what is being done. Perhaps that is a form of showing off or maybe the intention is for the code to execute faster, but I'd prefer to sacrifice efficiency for readability and ease of maintenance.

I am no stranger to compressing code. I won a little contest back in the '80s, getting my name and program published in a national magazine. The challenge was to code a BASIC program that did something cool in only one line. Each BASIC statement could be separated by a colon (:), and GOTO 0 was allowed. But was this a useful or helpful skill? Maybe. This sort of experience may have helped me become a better maintainer of other people's spaghetti-code programs, which comprised a large portion of my career. I rarely had difficulty finding and fixing bugs.

I think Apache wrote the language for .htaccess back when every byte mattered, and in order to save a couple bytes, they made the language cryptic and anti-human. I much prefer languages such as COBOL, batch/script, or BASIC for their sheer readability. I never was a fan of C++, even if it is twice as fast. In my opinion, buy a faster computer, if you need speed. When programming languages are easier to understand and to code, then greater deeds may be wrought by human minds and with far fewer bugs. That's my philosophy about programming. I have indeed worked with extremely cryptic computer programming languages--assembler, no less. I am merely stating my own preference as a programmer and user. It's nice to be able to look at source code and figure out what is going on in just a few moments. Maybe my opinion does not dovetail with job security for those programmers already entrenched in cryptic languages, but it seems rather obvious to me.

Flashblock 1.5.17 Eliminates Annoying Flash Autoplay

Ah. Peace and quiet again on my browser. Thank you, Flashblock 1.5.17, another fantastic Firefox add-on!

News sites like USA Today have gotten obnoxious, playing video the minute one clicks on an article. They must assume that their guests are lazy. Perhaps that may be so. When I visit, I don't want my reading interrupted by someone speaking to me. I can acquire more information reading than listening to someone read for me. I don't know what is wrong with the world that people don't want to read. I often find that when I search for things, Youtube videos are at the top of the search rankings. I want to know who has the time to wade through a ten or twenty minute video to learn a piece of information that could be found in thirty seconds in a well-written article?

I wonder if Google Chrome has such a feature as Flashblock? Probably not is my guess. There is so much Chrome cannot do. People claim it's faster playing their precious videos, so I guess that is what is important to them. For my part, I install an add-on to disable videos, because they are annoying.

Sunday, June 9, 2013

Spying on Americans

Snowden confirms what I've suspected for some time. Government is in the hands of the wrong people, those who think lying is a trifle and who don't give a fig for the Bill of Rights. The spies read our private email and monitor our telephone calls--that much is now known. What's next on their agenda? I suppose they also want to hack into our personal web sites, spy on us night and day with cameras (hidden or not), and fly drones over America from coast to coast searching for whatever it is they think is important. Orwell's 1984 gets closer to becoming the status quo in America with every passing year.

I would not put it past these spies to have already hacked our web sites or to have engineered trojan horses already and unleashed them upon America. I think it is very likely that U.S. agents are behind a lot of web site hacks, hacks of sites owned by Americans. After all, they're fightin' terrorism, dontcha know? They have to check up on you, make sure you're not a terrorist. Are you? Well, you can't be believed, anyway. You're probably lying. Everybody's a terrorist, or a potential terrorist, so everybody has to be spied upon, day and night preferably, with a web cam in the bedroom and the bathroom to be absolutely sure.

Terrorists--yeah, sure. A convenient excuse to keep spying and gathering data on Americans. I don't think these foreign wars, which never end, are worth sacrificing our freedom. I don't think they are worth turning government into a spy state. But I never had a high opinion of Mr. Bush's wars in the first place. I think people in government are the reason the economy is in such a poor state. They are more concerned with their foreign wars than they are with the U.S.

Some people wonder whether those drones in Pakistan are just beta versions being tested and refined for use here at home.

I can't remember another issue that irritated more than this revelation that confirms, once and for all, that ordinary Americans are being spied upon. I wasn't even that peeved by Obama's waffling over gay marriage and other gay issues. The reason must be that I have grown accustomed to politicians promising the moon and Stars to gay people, and then once in office turning the other way. I was not accustomed to the idea that secret agents are opening not just my own, but everybody's private mail and reading everybody's correspondence and using that information for unknown ends.

Saturday, June 8, 2013

Carter was Ethical

I'm old enough to remember President Carter. He was our last President to really care about ethics. There are thorny questions one could pose to the other Presidents that would just dissolve any pretences they might have. I wonder about Obama sometimes, now that we know he approved spying on Americans. I don't believe anything that his spy chief says. They didn't want us to know about their spying. Now they are spending all their passion on vindictiveness, on their plans to punish whoever betrayed their secret. But it should not have been a secret in the first place. They spied on ordinary Americans on a massive scale. Now that they're caught, they say, "Oh, it's not so bad. See, we were doing because of, you know, terrorism and stuff." I just don't believe it. If they had been honest in the first place and told the country what they were doing, then that would be one thing, but they have their hand caught in the cookie jar and are just trying to deflect some heat.

When Reagan ran against Carter in '79, I switched my support to Reagan in alignment with my father, but we were wrong. Carter took the blame for a sour economy and the Iranian hostage crisis. That's why he lost the election. Reagan paid off Iran with weapons to get the hostages back and then spent his way out of the recession. All he did was spend, spend, spend. He paid off the Iranians and paid off private companies to build more bombs.

Carter was special in that he kept on working for the country even out of office. He was not afraid to state his opinions about world issues, even if these opinions sometimes made him unpopular with certain groups like the pro-Israel lobby. I am convinced he spoke from conscience more than any of these other Presidents we have had. I listen to these other Presidents speak and I read quotes from these guys and it seems to me they are calculating every word, even down to the punctuation they use, based upon political factors. They're good at politics, maybe better than Carter on politics, but not so good at ethics.

Is ethics without value? Many people think so, including those that are in positions of authority today. I think having ethics is what distinguishes a great leader from a mediocre one. People do respect ethics. Otherwise all our heroes would be villains, but they're not, are they? Our heroes are people who did what they thought was right. I think ethics bestows a generous reward on those that practice it, because ethics, more times than not, coincides with the wisest course of action. Intelligent, educated fools scoff at ethics and think they know better at their peril, because the world's complexity defeats even the most cunning. It is wise to walk in the way of righteousness and to refuse those opportunities to steal what seem to be trifling advantages.

Dreaming of My Enemy

I dreamed of my enemy last night. Why, I don't know. I haven't seen him in twenty years. Maybe he died, and his passing somehow touched my unconscious. Don't scoff at my supernatural hypothesis, reader. There is more in heaven and earth than is dreamt of in your philosophy. His father died early of a heart attack, and so perhaps now that he is reaching the same age as his father. . .

He isn't my enemy any longer, of course. Twenty years has a way of erasing such distinctions, at least for me, and for the relatively mild wrongs wrought by that nothing. I don't care enough about him to even search the Internet and find out what he is up to. I've tracked down others--old flames, friends, and acquaintances, out of curiosity in the past, but once my curiosity was sated, I always had the feeling of "so what?" It doesn't really matter what they are doing now, or whether they are not doing at all--whether they are dead. Once so many years pass by, then people are strangers, whatever they might have been before. Absence doesn't make the heart grow fonder after all.

He was hell on wheels back in the day, and I used to think of him as my archenemy, as indeed he was for a time, but then we got older and ceased to care. The last interaction I remember with him, he was standing by the side of the road. His car had a flat tire, and he did not know what to do. The fool hadn't carried a spare like I always have done. He probably did not know how to change tires. I said not a word, but kept on walking. He could read the look on my face well enough to gather that I wouldn't have lifted a finger to help him. That was what impressed me the most about him, that he could appreciate the consequences of his past actions.

What was my dream about? I don't recall. Maybe it was an erotic dream. He wasn't bad-looking, as enemies go. I don't remember him having a girlfriend, even though he trumpeted his homophobia to everyone, like a pathetic badge of honor. I thought for sure he was a closet case. He palled around with the best-looking guy in school, his very best friend, and didn't spend any time with girls at all. There always seemed something fake to me about his loud avowals of desire for females. I have known a lot of straight guys in my day, and they didn't feel the need to run down gays.

The night before, I think I dreamed about the upcoming phone interview on Friday. I remember a strong premonition that things would not go well. The tension caused a spasm in my left calf, which woke me up. The muscle was like a rock. It was bruised the next day from the long-lasting spasm. I detest spasms, but they do occur on rare occasion, the body turning on its owner.

I don't think much of that premonition, because almost all phone interviews go ill. Phone interviews are just a quick and cheap way of weeding people out, when somebody has a ton of applications. The odds are all against a phone interview. If somebody is serious, they will meet in person.

What use are premonitions if they foresee likely events? I want a premonition that will make me rich or give me an opportunity to work and earn money. That's the kind of premonition I desire. I don't trust poor psychics. And I don't see why psychics would need to sell their services. I don't want premonitions of unhappy events, either. No more damn spasms. I want premonitions of good things that could happen to me, if I do a, b, and c.

Friday, June 7, 2013

An Interview

I was told during a phone interview today that I lack administrative experience. This was not volunteered feedback. I extracted it from the interviewer with a direct question: "Do you feel that there is anything that would disqualify me from this position?" Is that a gambit? Perhaps it is. I find directness helpful, because it cuts through the crap. I want useful feedback. If I don't get the job, give me a clue why. Otherwise the interview is of limited value. I am direct in all my questions. All I care about is whether my resume, cover letter, and presentation are okay. The rest has no meaning, because I can research to find the answers to everything else.

Administrating programs and procedures and protocols? Surely I have done that in my life. What the remark suggests however is that there are applicants that are better known to the decision-maker, applicants with what is thought to be "administrative experience," possibly people that are already vouched for by someone known to the interviewer. The selection of that other will be justified by their "administrative experience."

My pride is wounded by applying for humble jobs with modest demands and being told I haven't the right experience for them. What, am I incapable of learning any new skill? Am I fossil already? Do my degrees and experience mean nothing? The answer is yes, my college degrees mean nothing, their value is zero or even less than zero. My experience means nothing either. No one thinks anything about computer programming, no one holds it in any special regard at all. All that matters is who one knows. What one knows is of less importance.

I was told there were hundreds of applicants just for this one little job paying twelve dollar an hour, and I was one of only fifteen called for a phone interview. Should I be flattered by that? Maybe. I'm not though. I'd really prefer not to have wasted my energy upon hoping for a better life. Oh, I had such eagerness--was almost giddy. I felt alert and aware. Yet it seemed that nothing I said impressed the listener, that she had heard it all before and was rather bored and disinterested. Never once did she offer any positive feedback. How I wish I knew someone that was close to her! That would have made all the difference, I'm sure. I could not get through the firewall. I had a strong suspicion she had already made up her mind to choose someone else, and I don't really know why she called in the first place. Perhaps she thought I was female and turned against me upon finding I was not. That seems to me a very likely scenario, because I know how clannish women can be. Many women strongly prefer to work with other women. So what she said was probably a convenient excuse, a white lie. There is really nothing I could have said or done to eliminate such a strong bias.

I am a good listener. I can read into choice of words and tone of voice pretty well, and I felt my chance was over and done. A black wave of despair passed over me the minute I put the phone down. It is times like this that I fear death not at all.

Writing about the experience helps. I feel better here at this last paragraph than I did at the first. Once one confesses to despair, that is the essential lever to lift the heavy burden from consciousness. Do not feed the despair. Do not drink. One must confess. Confession is good for the soul. "Yes, I have this wild feeling that things are hopeless, yes I feel like a drowning rat. Yes I feel that my talents are being wasted." With confession, the despair becomes an interesting unusual thing, like a sombrero, and one's curiosity is piqued. Why am I wearing this sombrero? I don't usually wear a sombrero. I will take it off. The hat fit me half an hour ago, but I think I'm over it now. I have such a good life. Yes, life is good. I do not need to wear the sombrero.

What fits me better is stoicism. We live, we die. That is all. As long as there are still good moments, free of pain, that is all one should expect.

Jonesin' for Wordpress 3.6

I eagerly await the overdue release of Wordpress 3.6 and moreover the twentythirteen theme. I haven't updated my Wordpress theme in ages, and I feel like now's the time, especially since I have time on my hands. The twentythirteen theme is supposed to offer superior support for mobile devices. I don't use one, but so many people do that of course I want to keep those people happy.

Yet another part of me wonders whether it is wise to join the other lemmings leaping into 3.6. Perhaps it is better to remain with the tried and true 3.5.1 and wait to see how 3.6 pans out in terms of security and stability. Perhaps I should give the hacking community time to find all the weaknesses in the next release. I don't know. I think if I backup on a regular basis, then I can deal with whatever may arise.

Thursday, June 6, 2013

Our Government is on the Wrong Track

Some are cynical about everything to do with government. Being a Democrat, I am persuaded that sometimes the government is capable of doing good things and that it acts as a check and balance upon private power. But government's security apparatus certainly has proven itself capable of excess.

The Washington Post posted an article today about how the government has been spying on Americans through the Internet. The Guardian followed up with another article explaining how pervasive the government's spying is. I can't say I was surprised, as I have detected the shadows cast by agents on numerous occasions through the years. I rather suspected that widespread spying was going on, targeting ordinary Americans for a multitude of rationales which all boil down to keeping the poor in their place and bringing more power to those who already have it. Ah, those with power always want more! Is that not an accepted fact of human nature?

Those who believe that their communications on Facebook, Google or other online services are respected as privileged and private are fools. Those who believe the government does not release viruses and spyware are also deluded. There are many undercover agents posing as ordinary people on Facebook, Amazon, Google and every other social media site. To lie is nothing to them--a mere trifle.

The rich and the powerful crapped their pants upon realizing the levelling potential of Internet technology. Now governments around the world, including the U.S., are doing everything they can to subvert the technology in order to enforce the age-old paradigm, wherein the less privileged remain so and the aristocracy hold all the cards.

The White House and Civil Liberties

The White House is defending a massive intrusion by the government on civil liberties for political reasons. Whatever the ethics, now that the cat is out of the bag I think that this tactic is of limited use, capable of ensnaring only the careless. Perhaps most criminals and terrorists are careless. Perhaps that is why they resort to criminality and terrorism. I think any intelligent individual could devise a way to disguise the source, destination, content, duration, and frequency of telephone calls. But how intelligent are terrorists, anyway? Not very, one would think.

At any rate, I don't think avoiding terrorism is worth giving the government a blank check on civil liberties, because once such liberty is sacrificed, when is it ever recovered? The government is inclined to take more and more. Where do all these seizures of privileged information end? I don't see any end, and I see rather increasing reliance on eavesdropping. Information makes those in power even more powerful, so it is always tempting to seize more and more information. Power is a drug.

I find the Obama administration just as bone-headed as the Bush administration was on civil liberty. Where is the difference? All of this fear and paranoia to justify the loss of liberty is unbecoming. I find that Obama is too right-wing and too willing to sacrifice individual liberties for what he deems "the good of that state." Perhaps Republicans would fault him for it if he were not so. Perhaps this is another case of Obama playing the politician rather than the great statesman he could have been.

Saturday, June 1, 2013

Blexbot Content Scraper is Really Nielsen Media Research

I had great difficulty finding detailed information online about an IP address, 216.176.177.162, that appeared in my site log over ten thousand times. But now that IP address is cold busted. It belongs to Nielsen Media Research, a pack of content scrapers. They do not wish to be identified as such, and so they lie, and call themselves a random name like Blexbot. Tomorrow they will be clexbot, and the day after that, wmu-bot. What are Content Scrapers? They are greedy bots that attempt to grab every piece of data from a given site. Interesting bits of this data are then grouped together and sold to companies, governments, or individuals. In short, they grab content and try to profit from it. They do not send traffic. They should be banned by every site, no question about it.

Lookie what the scumbags are doing on a Wordpress site:
216.176.177.162 - - [29/May/2013:06:21:13 -0800] "GET /password HTTP/1.1" 404 2438 "-" "BLEXBot"

216.176.177.162 - - [29/May/2013:06:21:16 -0800] "GET /signup?context=webintent HTTP/1.1" 404 2438 "-" "BLEXBot"

216.176.177.162 - - [29/May/2013:06:21:18 -0800] "GET /reg/join HTTP/1.1" 404 2401 "-" "BLEXBot"

216.176.177.162 - - [29/May/2013:06:21:21 -0800] "GET /forgot_password HTTP/1.1" 404 2438 "-" "BLEXBot"

They're not just content scrapers, they're malicious hackers. Those 404's you see above? That code means they're making up links as they go along, running them up the flag pole to see if anybody salutes. Meanwhile, the web admin gets to have fun wondering what's wrong with his web site that all of these 404 errors are popping up. (There were many more than just the above examples.)

Subscribing by Email

My mail reader informs me of new messages instantly. Partly for that reason, I never subscribe to newsletters. I never want to receive email from any company unless I have had recent or ongoing business with that company. Amazon sends me email when I write a review, or when someone comments on my review, and that is all right as well. Email in response to recent action is all right. However, companies assume that someone wants a newsletter on the slightest pretext. I left a comment on ZDNET recently, and their morons concluded I wanted a newsletter subscription. ZAP! POW! WRONG! If I want to read something, I will visit a site or subscribe via RSS. Only important matters should be transmitted via email. Email is for friends and business contacts only. Has ZDNET never heard of RSS feeds? What dinosaurs! Actually, I don't use RSS either, but if I were of a mind to want a regular newsletter, then RSS is how I would go about it.

Some outfits require a user to jump through a bunch of hoops in order to unsubscribe. Many require typing in the email address. I don't bother with all of that. The maximum effort I'm willing to put forth to unsubscribe is two clicks. I am doing the sender a favor by actually being nice enough to unsubscribe. If a third click or any typing is required, then I won't unsubscribe. Instead, I'll mark the email as spam. The more people that mark such email as spam, the more likely that the email provider, such as Yahoo, will default all the sender's emails to the spam folder for all users, which is right, because newsletter-pushers are indeed spammers.

Bot-Net Attack? What Bot-Net Attack?

I read many articles today about the brute force attack targeting Wordpress sites. My site is secure, and I just laugh at the enormous waste of that stupid bot-net's bandwidth. Each hit taxes my site about 500 bytes, so those scumbags will have to hit my site 2,000,000 times in order to waste one of my gigabytes--but that calculation seems rather liberal to me. After all, my deflate instruction is near the top of my .htaccess file, so I would wager that instead of 500 bytes, the server actually transmits each bot closer to 300 bytes, maybe lower since old 403.html is, after all, mere text, which receives quite optimal compression rates from any compression algorithm worth its salt.

But igor's solution will never be the thing people click on in google. Packaging and appearance are the thing. That is all right, because it is enough for me that my client's site is perfectly impregnable. I want his site to be fast all the time, I want it to look right all the time, and I want black hat hackers and evil bots to fail in everything they attempt.

Upon reflection, I think the stupid brute force attack against wp-login is meant to promote the sales of some cybersecurity firm(s). Let us be clear, it is not a serious attack. It is a stupid and ineffectual waste of bandwidth. Some cunning CEO may have decided to hire a bot-net to launch a stupid, ineffectual attack against everybody, knowing that the ignorant and the easily frightened would shell out money to buy a quick fix, a little band-aid to put on their precious web site to lull them into a false sense of security. I just don't which company(ies) are behind the attack, which stand to gain. There are probably a thousand different suspects.

Friday, May 31, 2013

The Vikings Are Coming

Vikings is a new show that every student of history should watch. It smacks of historical accuracy to me. The script is fairly well-written, too, depicting a primitive era in European history, the Dark Ages. Christianity and all the other sacred cows of Western civilization are treated in a fair, objective manner. I was skeptical at first, but the show won me over with its good characterizations, realistic action and realistic dialogue.

As a side note, I found it amusing to imagine that Vikings depicts not only our past but our future, after various calamities foreseen and unforeseen descend upon our planet. Such a thought can only amuse one who expects to be dead by such a time. I am an optimist. I expect all now living to be dead before our civilization collapses into barbarism.

Thursday, May 30, 2013

Linux? I Don't Even Know What That Is

I told one of my clients today that I use Linux, and they replied, "I don't even know what that is." My client was sick of Windows 8 and wanted to dial back to Windows 7, so without thinking twice, she bought a copy from a local retail store. Of course, Microsoft wins; they sold her both Windows 8 and Windows 7, which makes for quite an expensive operating system--about $150, all told. Microsoft is being rewarded for making a turkey out of Windows 8.

In my view, she'd be better off with Linux, but how can I suggest a thing she never even heard of? Linux deserves better name recognition, but what can be done? One can point out that most of the web sites in the world run on Linux, and that mobile devices often use Linux, but that is not quite as apparent as the brand one sees on almost every laptop or desktop.

What deters me from recommending Linux even more is that mainstream Linux distros have little issues, and Linux gurus or even Linux journeymen are thin on the ground. She can't ask her friend, neighbor or nephew for help with a Linux system. That's quite a disadvantage.

Could I in good conscience recommend Kubuntu? Nope. My Kubuntu 13.04 system running KDE 4.10.3 is now booting up with two blankscrn.kss windows for no apparent reason. Do I really want her calling me on the phone asking what is wrong with Kubuntu and how did it get infected by a virus? Then there was the problem I wrestled with where Kubuntu dialed the clock back three hours. I had to use the command line to fix that problem and some pretty arcane syntax, too.

Could I recommend Open Suse 12.3? Nope. Open Suse won't install a printer for anybody but a bonafide geek. Open Suse will give an error message the minute she tries connecting to the Internet. Open Suse will give an error message on her very first update after installation, because even after all these years, the devs haven't learned to remove the dvd from the repository list. I wouldn't recommend Open Suse to anybody.

The only Linux distro I'd feel safe recommending to a low-tech individual would be Linux Mint Xfce or Cinnamon, but there again, Linux users are thin on the ground, so anybody who ventures into the Linux world has to be comfortable browsing and researching online forums and wikis in order to resolve the occasional unforeseen and the unexpected. I am comfortable and I think extremely good at performing online research, but the average user is not. The average user wants to speak to somebody on the phone or better yet, ask someone in person. At least with Windows, everybody and their brother knows a little something and the herd can help each other cope with Windows' eccentricities.

Wednesday, May 29, 2013

I Love Deleting Comments

Out there in Internet-land, SEO scumbags are paying a bunch of needy nerds about ten dollars an hour to leave comments on blogs like mine. I mark such comments as spam and delete them. Ha-ha, game over, wah-wah-wah.

Takes me all of five seconds to clock SEO shills. For the record, igor was not born yesterday.

I see these shady Internet jobs on E-lance all the time. E-lance was made for crap jobs like that. I may be a needy nerd myself, but there are certain jobs I don't deign to do for ethical reasons. The money is beside the point. I can't stomach the thought of ever being a spammer that promotes crap sites on the Internet. Now if the site were worth a damn, that might be another question, but I don't work for the unethical or the ignorant.

I wish more people had scruples about who they work for. The world would be a better place. Homo Sapiens 2.0 needs to have a faculty in the brain that refuses to behave like a slave--refuses to work for evil ends.

Attack-bots Hitting Wp-Login on Wordpress Sites

I've noticed in my log recently that thousands of bots have been hitting wp-login.php repeatedly, despite being served 403 pages. I am not sure of the motivation of the attackers. However, thousands of hits on a .php file certainly can be a drain on system resources.

I developed a simple method of reducing the impact of wp-login attackers. After my deny-froms, I placed the following code in my .htaccess file. It is useful for Wordpress sites that do not permit users other than the administrator to log in, and where the admin uses a static IP address, which is an ideal scenario for security purposes. I should note that wp-login is specifically disallowed in my robots.txt and that there is no link to it on the Wordpress site in question. Thus, my code will not ensnare rule-abiding bots such as Google's.

My code is not applicable to all Wordpress sites. Some WP sites let users register and log in. I opted not to go that route, because our site is such a small one that I doubt anyone would remember their password. Our users can leave a comment by logging into a popular social media site.

#Block WP attackers
RewriteEngine on
RewriteBase /
RewriteCond %(REMOTE_ADDR) !^www\.xxx\.yyy.\zzz
RewriteCond %{REQUEST_URI} ^/wp-login [NC,OR]
RewriteCond %{REQUEST_URI} ^/wp-admin [NC,OR]
RewriteCond %{REQUEST_URI} ^/install.php [NC]
RewriteRule .* - [F,L]
Place any static IP addresses that admins use in the above code (where www.xxx.yyy.zzz is). The code should exclude the IP addresses of legitimate users--admins--who log-in to the site. One could exclude multiple IP addresses by adding more conditional lines.

The first conditional statement checks the IP address. If it does not match (indicated by the exclamation mark), then if the user is requesting the wp-login, wp-admin, or install page, that user is redirected to the 403 page. All of this happens without engaging the database or invoking any php code, so it is fast and efficient and minimizes the toll of the attack bots on system resources. I have banned the IP addresses of the vast majority of these attackers, but I notice a certain percentage do slip through with novel IP addresses, so this is a way of preventing them from forcing the server to load and interpret wp-login.php.

My 403 page consists of a mere 500-odd bytes with links intended to tempt bots to visit various spam-bot hells around the Internet, where they may encounter honeypots, investigators, bogus email addresses, bogus links, and in general waste a lot of their time and effort and generate no data of any use at all to them.
techlorebyigor is my personal journal for ideas & opinions