Computing e-books for $5

Leave a comment

Computing e-books for $5

https://app.packtpub.com/#

Make sure you go through the app store for the discounted books.

2013 Feb: YahooXtra’s email hacking

Leave a comment

YahooXtra: What actually happened? 

A WordPress vulnerability caused this…

http://www.iitp.org.nz/newsletter/article/414?utm_source=email 

and another

http://arstechnica.com/security/2013/01/how-yahoo-allowed-hackers-to-hijack-my-neighbors-e-mail-account/ 

 

 

.. and looks like my Backup blog has suffered a hack again too. Getting to the stage I'll switch it off and use a different Blog system.

Domain Name cloaking using frames

3 Comments

Learn't something the other day. We have a wordpress web site on hostable.com and the Domain Name is with Freeparking.

We have been having trouble with the url displaying in the browser. So you get "http://mydomain.com/" no matter what page is displayed – this is pretty useless if you want to bookmark a page.

Lots of web searching revealed that Freeparking cloak your site in a 100% frame – which is VERY bad form as search engines tend to ignore any frame based sites (we couldn't figure out why the site rated so poorley).

So the actual page HTML looks like

<frameset rows="100%,*">

<frame name="top" src="http://xxxx.12345.a.hostable.me/wordpress/&quot; noresize="noresize" frameborder="0" scrolling="auto" />
<noframes> 
   <body>
   <p><i>This document uses a frameset.</i></p>    
   <p><a href="http://xxxx.12345.a.hostable.me/wordpress/">Click Here</a> to view the page.</p>
   </body>
</noframes>
</frameset>

Ok.. so off to Freeparking Help desk .. and their response

 

Subject: [WebFarm/Freeparking #1400011] URL Redirection – xxxx.co.nz

 Hi ,  There's no good answer to that unfortunately. Cloaked wont show much in the way of filenames, or anything else, as you mentioned. You can really only cloak it or not cloak it.  — Regards, Chris

So the choice is either show xxxx.co.nz on all pages or  forget the domain and wind up with urls like http://xxxx.12345.a.hostable.me/wordpress/be-involved/ .. so whats the point of the domain name???

There does not appear to be away around this apart from:

  1. Host the site with freeparking or
  2. register the domain name with someone else (though check if they also do cloaking the same way – I have been told godaddy does the same)

Any ideas welcome….

13-Aug: Suggestion from Inga – does require certain conditions to be met before this will work.  http://www.thesitewizard.com/apache/frame-blocking-anti-clickjacking.shtml

 

WordPress hacking: Bat Boy and Mr. DJh

1 Comment

Grr!@###$

What a damn nuisance  looks like there is a way to hack your WordPress web site. My research shows it as The Bat Boy or in my case Mr. DJh (see below)

Bat Boy Hack on WordPress

It does 2 things

  1. Changes your admin login & email account in the users table and (this means you can't log in as admin)
  2. Changes index.php code for the theme (which is what shows on the page)

Anyway this is how to fix it:

http://www.youtube.com/watch?v=ESp_rceZ_gw

UNFORTUNATELY, in my case the admin user was unchanged (but I still can't log in) but one of the index.php files in the template was changed (you can see by the edit date on the server) though cleverly in code: starts like

? echo(stripslashes(base64_decode('PGh0bWw+ ….. 

Renaming the folder killed the site so the hack is in there somewhere and this was the only program with a different date that I could find.

At this stage I can either find the index.php file (which is pretty old) or reinstall WordPress and import the main blog (which I will probably do as it was only my backup anyway). 

I am guessing a flaw was found in one of the versions of WordPress and subsequently fixed by the WordPress people, however (as in my case) this was my backup blog and was quite old – so probably had the flaw still, and so wide open for the hack. My more recent one was left alone (so far) – this one. Can anyone confirm this???

So the Moral is "Keep up with updates" – yes I should know that!!!!

Wi-fi (Wi-5) hotspot rating

2 Comments

Have been to a few hi-fi hotspot places recently and thought it would be good to create a wi-5 hotspot rating system !

So here is my first go. Would really appreciate some comments so we can make this ubiquitous and the ratings need some trendy names. At the moment I am playing around with the rating so expect it to evolve for the time being. Apologies to the few companies mentioned but someone has to start to give an example (If I have got it wrong let me know and I’ll upgrade your status)

Version 1 (June 2011)

  • Wi5(☆☆☆☆☆) (Free)
    • 5+ = Unlimited Wifi
    • 5 = Free wifi (requires accepting conditions, no password/userid)
    • 5- = ?
      • Wi☆5 (☆☆☆☆☆+)Wellington free wi-fi: (Covers the area south from Frank
        Kitts Lagoon and along the waterfront side of Te Papa.)
      • Wi☆5(☆☆☆☆☆-) MacDonalds (There is no time-limit, but there is a data limit of 50MB per customer.)
  • Wi5(☆☆☆☆) = Free Wifi requires a password
    • 4 + = wifi requires passcode but publically viewable (e.g. on a blackboard)
    • 4 = wifi requires passcode available on a docket
    • 4 – = wifi requires password but have to ask staff member
      • Wi☆5(☆☆☆☆-) At E’s cafe, (Havelock North), Hawthorne’s Coffee Roasters (Havelock North, NZ)
  • Wi5(☆☆☆) = (Pay) 3G access
    • 3+ =
    • 3 =
    • 3- =
      • Wi☆5(☆☆☆-) Vodafone $1 / 10MB per day (a minus rating as 10MB is pretty small)
  • Wi5(☆☆) = (Pay) Buy a ticket with a password
    • 2+ = ?
    • 2 = ?
    • 2 – =
      • Wi☆5 (☆☆-): provider: ???: The crossing (Napier, NZ)
      • Wi☆5 (☆☆-): provider: ???: BJ’s cafe & Coffee House
  • Wi5(☆) = (Pay) Pay with a userid/password
    • 1+ = ?
    • 1 = ?
    • 1- = ?
      • Wi☆5(☆-) provider: ???: The crossing (Napier NZ)
      • Wi☆5 (☆-)provider: ???: BJ’s cafe & Coffee House
  • 0 = No access (3G only)

 

zotero standalone version

Leave a comment

From JJ

“An alpha release of standalone Zotero has been announced, part of the larger Zotero Everywhere project. Standalone Zotero Alpha does not require Firefox to run and is available for Mac OS X, Windows, and Linux. Alpha plugins to connect standalone Zotero to the Google Chrome and Safari browsers are already available (a plugin for Internet Explorer is planned).

And I didn’t know there was a chrome plugin either !!

Application stacks for Open Source Software

Leave a comment

http://bitnami.org

Run your favorite apps …  Joomla!DrupalRedmine,MediawikiWordPress,… on your favorite platform. BitNami Stacks include an open source application and all of the other software necessary to run it, such as Apache, MySQL, PHP or Ruby..

(Also from JJ)

Web page Colour scheme designer

Leave a comment

Another link from JJ to help you with the colours in your web site.

http://colorschemedesigner.com/

Microsoft Tech Ed Online 2010

Leave a comment

http://www.msteched.com/2010/NewZealand

Videos from the Microsoft Tech Ed – link from Paul Lo

Proxy Switching On/Off

Leave a comment

One of the more annoying things when you carry a laptop between home and work is that you constantly have to turn the Browser Proxy on (for work) and off (for home).

If you don’t know what a proxy is, Wikipedia starts out “In computer networks, a proxy server is a server (a computer system or an application program) that acts as an intermediary for requests from clients seeking resources from other servers.”  Proxy Server (2010) – http://en.wikipedia.org/wiki/Proxy_server

In IE this involves…Tools > Internet Options> Connections>LAN Settings> then check the “Proxy Server: Use a proxy server …”. Then [Ok], [Ok], and then you can refresh your page. (Of course you can always do this by right clicking the Browser icon on the desktop and selecting Properties>Connections, etc…

Chrome uses the same Proxy dialog so requires Tools>Options>Under the Bonnet>Change Proxy Settings>Connections>LAN Settings> then check the “Proxy Server: Use a proxy server …”, then [Ok], [Ok]”

Firefox Tools>Options>Network Settings >Choose proxy type>, then [Ok], [Ok]

Its a shame browsers don’t have a one click Proxy on/off…. BUT wait… others have realised this and fortunately there are one click proxy extensions.

Some one click proxy switchers  for Windows.

IE –  Proxy Pal http://www.softpedia.com/get/Internet/Servers/Proxy-Servers/ProxyPal.shtml – very simple and seems to work brilliantly

Chrome – Switch HTTP Proxy  (https://chrome.google.com/extensions/detail/fajkpbphiejhldakjboejnabfchhccnn). There is another one to manage multiple proxys Proxy Switchy! ( https://chrome.google.com/extensions/detail/caehdcpeofiiigpdhbabniblemipncjj ) which I trouble with but others recommend it).

Firefox – QuickProxy ( https://addons.mozilla.org/en-US/firefox/addon/1557/ ) watchout for this one that you get the correct one, I used the extension serch and came up with another one that didn’t work 😦

So thats about it.. enjoy.

Older Entries