Category: tech stuff

In which many a college network crumbles before me. Or maybe just Algonquin’s.

So I made vague mutterings about maybe going back to school. In a sense, I did. I went with May over to Algonquin College a couple weeks ago so she could get a couple things done. Since I’d have some time to kill, I took the laptop with me. Largely because she made the mistake of telling me she could receive email, but the network wouldn’t let her send. Come to find out, at least I believe, all the common mail ports are, shall we say, firewalled. Somewhat successfully, I might add. But, and this is where anyone who knows me should be paying close attention, I had a little over an hour and a half to myself. An hour and a half, with an unfamiliar network, wireless access, and one hell of a powerful portable unit with which to play chicken. This can only end not so well.

So I took that portable unit, that wireless network access, that little over an hour and a half, and I did something useful. I prodded my own server looking for open ports. Not open ports on the server, per se, just the network. Ended up getting the college slapped on the block list in the process, but hey, that was fixable when I got home–note to self: try and find the damned IP first, whitelist the thing, then port scan your server to death. Kay? Kay. But I found me an open port. Two of them, actually. And I was already using one. So when I got back to the apartment, I–uh, first, um, unblocked the college (oopsies), then fired the mail server up on the open port I wasn’t using. Odds are, now, if one does it right, mail sends while one is at the college. I’ll need to get back there at some point and play.

Firewalls are awesome. But here’s the thing about them. There’s ports they don’t necessarily block, simply because doing so would pretty much break students’ access to potential external, uh, educational materials. One of those ports is HTTP port 8080. Now, here’s the thing about this server. This server doesn’t run anything on port 8080. As in, nothing. As in, no thank you please. Or rather, it didn’t until a few minutes after I got home. Now, in complete violation of probably a couple standards and definitely in complete violation of one college firewall, the mail server listens on port 8080 as well as the usual mail ports. And a couple others, but I’ll keep those to myself and the people who actually need ‘em, lest some Algonquin IT type person with a Google addiction accidentally finds this thing.

Sending mail from on campus, for those times wherein somebody with access to the server, or me, needs to send email while on campus, can now, legally, happen. Perhaps not Algonquin’s definition of legally, but hey–I’m looking at getting into one of their geek courses. Of course I’m going to flex my geek on their network beforehand. Why not? Besides. I didn’t need that port anyway.

Review: Postie for WordPress

So I mentioned I started experimenting with posting by email, for not the first time, on this blog. The plugin I tested for that purpose, the only one that before didn’t really overly irritate me, was Postie. For the most part, it does what it’s supposed to. General usage takes some getting used to, but that can be lived with.

What It Does

Let’s say you get wicked uber popular and your site gets recognised enough that certain overactive filtering systems–I’m looking at you, most corporate firewalls–decide you’re just way too evil for people to read at work. Or in your case, your site’s way too evil for you to post to from work. But you still have mockery material. You could write the whole damn batch in MS Word or somesuch, or, you could play with this plugin. If you create an email address (can be Gmail, if you don’t want or don’t have access to create one on your own domain), then hand the login details to that address to the Postie plugin, anything you send to that address will, if the email address you use is authorised, become website material. The plugin lets you specify things like categories and whatnot in the actual email itself, or in the subject in some cases–part of what takes some getting used to. But if you’re used to how LiveJournal and maybe Blogger do email posting (Does Blogger even do email posting anymore?), it shouldn’t take too much getting used to.

What’s Changed In the Update

The plugin was last updated in August of this year. Before that, it hadn’t seen an update since mid-2011. There was at one point a security concern or two about the plugin, but that seems to have been addressed–more on that below. The biggest change with this update, that I’ve noticed, is it’s become a lot more sensitive to HTML emails. I sent a test email to the site using Outlook, and didn’t switch it to text format. Mostly because I wanted to see what happens. The plugin saw the email, scanned it, determined it was a possible XSS attack, and promptly deleted the email. Oops. Not exactly the intended result, but hey, easy fix. Switch to text format, send the same test email. It works, almost, as advertised–again, see below. I can probably fix that with one of their other built-in commands. The edited result of the test that actually succeeded is here. Again, easily worked around–took out the extra blank lines at the end, added my update.

What It Won’t Do

I had to test this on my own, though I can probably make it do what I want easily enough. Out of the box, the plugin doesn’t respect post scheduling settings. For instance, I run another modification that pretty much guarantees this post won’t show up 30 seconds after the last one I wrote. It also makes for easy editing if I decide, say, 6 hours later to delete that incriminating paragraph about my caffeine habit–oh, uh, that’s half the blog. Nevermind. Postie, however, wants to publish things immediately, regardless of when it’s supposed to be published. Works for most people, doesn’t work for me. Or anyone who runs anything remotely like me. But hey, nothing’s perfect.

Security Concerns

In the early days of the plugin, and quite possibly as recent as the 2011 update, there were concerns that the plugin made liberal use of bypassing WordPress’s publishing routines and manipulating the database directly to insert posts. I didn’t get a look at the 2011 code, but in the latest update, the plugin appears to have fallen back to using WordPress’s publishing routines. At least, my 30 second look at the code says maybe. Somebody with more time on their hands can feel free to provide me with a free education though.

Conclusion

For what most people will use it for, the plugin does what it should. I didn’t test things like images, or videos, but I also very rarely post videos, and even more rarely post images. But it does what I expected it to do, with the exception of respecting automatic scheduling modifications. Use this plugin if you want to be able to post from behind a corporate firewall. Don’t use this plugin if you expect to be able to do so in accordance with some other posting structure. At least, not without some slight modifications. Then, feel free to share those mods with yours truly.

Smacked by senderbase.org.

I love breaking in a new server. It’s kind of nifty cool. What’s not so nifty cool about it is breaking in a new server when you kind of need to move some of your production stuff over to it, like, 5 minutes ago. That’s where I spent the last week or so. Everything I maintain directly, for my own benefit–or, now, for May’s as well–has a new address. Unfortunately for everything I maintain, that new address apparently used to be owned by someone with a less than stellar performance record. So when it got handed to me, I got to find out just what *not* to do as a sysadmin. I mean I knew most of it already from dealing with previous sysadmins, but that’s a rant for when I’m less than sober.

I’ve been used to the standard problems with email, especially with email coming from a new–or in some cases, previously used–IP. Hotmail doesn’t like recently assigned IP addresses, AOL tends to throw a bit of a hissy, and most smaller services tend to temporarily fail mail coming to them from new servers on the first pass–they call that greylisting. And then there’s the odd duck who decides “Oh, you’ve never had this IP before. I’m just going to pretend I don’t know you.”.

I can deal with that. It’s called just keep queueing up the mail, and eventually, they’ll like you enough that a metric shit ton of it will hit them in the box. But this one’s new, at least for me. Apparently, senderbase.org is not actually a strict blacklisting service, a la SpamCop. It’s an IP reputation tracking service, whatever the hell that means. Which, again, is awesome. Until you start to factor in, uh, companies will permanently (as in, 5xx error) reject mail from your server if senderbase doesn’t like you. Which is all well and good and amazing, if you’re the lazy type. And here’s a fantastic little kick in the teeth to go along with the kick in the geek nads. They don’t actually give you a whole lot of info on how, exactly, you’re supposed to *improve* your server’s reputation, so companies who use them don’t permanently reject your face off–especially when the only way I know they track such things is when companies receive email and report such things to them. So you’re sitting there, trying to figure out exactly what in the 7 levels of hell you broke when you set up your server, and all you have to go on is, well, this.

2012-08-14 11:41:59 1T1JFP-0006mG-18 ** wgrignon@wikiscribeit.com R=lookuphost T=remote_smtp: SMTP error from remote mail server after initial connection: host smtp.secureserver.net [216.69.186.201]: 554-m1pismtp01-003.prod.mesa1.secureserver.net\n554 Your access to this mail system has been rejected due to the sending MTA’s poor reputation. If you believe that this failure is in error, please contact the intended recipient via alternate means.

Helpful. Really. Extremely. Now, uh, kindly tell me how I’m supposed to get in touch with the moron who says so so I can point out to ‘em that, hey senderbase guy? Yeah. IP’s a week old from where I’m sitting. Little help? Nah, I didn’t think so. And that’s where it sits. About 20 minutes on Google tells me, uh, not much. Apparently your IP reputation’s supposed to improve over time, but since everyone I know tracks that kind of thing has apparently blocked my face, I’m still curious how that happens. Unless senderbase just occasionally develops amnesia. Which, I suppose, is possible–they don’t say. So I’ve been smacked by senderbase.org, and the only counter is, uh, an unknown variable. God I’d love to be that lazy with this server. But I’m not paying to do it.
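An added example, not part of the original post: one way to triage Exim mainlog delivery failures like the one quoted above, separating rejections issued at initial connection (where the remote server has seen nothing but the sending IP) from greylisting deferrals and ordinary 5xx bounces. The sample lines are constructed, using reserved example domains and documentation IP ranges, and the category names are this example's own.

```python
import re
from collections import Counter

# Constructed sample lines in Exim mainlog format (hosts, addresses and IPs are
# made up). Exim writes a multi-line SMTP reply with a literal backslash-n.
SAMPLE_LOG = """\
2012-08-14 11:41:59 1T1JFP-0006mG-18 ** user@example.com R=lookuphost T=remote_smtp: SMTP error from remote mail server after initial connection: host mx.example.com [192.0.2.10]: 554-mx1.example.com\\n554 Your access to this mail system has been rejected due to the sending MTA's poor reputation.
2012-08-14 11:42:03 1T1JFQ-0006mK-2b == other@example.net R=lookuphost T=remote_smtp defer (-44): SMTP error from remote mail server after RCPT TO:<other@example.net>: host mx.example.net [198.51.100.7]: 451 Greylisted, please try again later
2012-08-14 11:45:10 1T1JFR-0006mP-3c => third@example.org R=lookuphost T=remote_smtp H=mx.example.org [203.0.113.5] C="250 OK"
2012-08-14 11:50:00 1T1JFS-0006mT-4d ** nobody@example.org R=lookuphost T=remote_smtp: SMTP error from remote mail server after RCPT TO:<nobody@example.org>: host mx.example.org [203.0.113.5]: 550 No such user here
"""

# "**" marks a failed (bounced) delivery, "==" a deferred one.
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d) "
    r"(?P<msgid>\S+) "
    r"(?P<flag>\*\*|==) "
    r"(?P<rcpt>\S+) "
    r".*?SMTP error from remote mail server after (?P<stage>.+?): "
    r"host (?P<host>\S+) \[(?P<ip>[^\]]+)\]: "
    r"(?P<code>[45]\d\d)[ -](?P<text>.*)$"
)

# Wording that suggests an IP-based policy decision (assumed list, extend as needed).
REPUTATION_HINTS = ("reputation", "blacklist", "blocklist", "block list", "blocked")


def classify(line):
    """Parse one mainlog line; return a dict with a 'category', or None."""
    m = LINE_RE.match(line)
    if m is None:
        return None
    rec = m.groupdict()
    rec["text"] = rec["text"].replace("\\n", " | ")
    text = rec["text"].lower()
    if rec["flag"] == "==" or rec["code"].startswith("4"):
        # Temporary failure: the queue will retry (greylisting lands here).
        rec["category"] = "temporary"
    elif rec["stage"] == "initial connection" or any(h in text for h in REPUTATION_HINTS):
        # Refused before MAIL FROM/RCPT TO, or the reply says so outright:
        # the decision was made on the connecting IP, not the message.
        rec["category"] = "ip_reputation"
    else:
        rec["category"] = "other_permanent"
    return rec


def summarize(log_text):
    """Return (Counter of categories, sorted hosts rejecting on IP reputation)."""
    records = [r for r in map(classify, log_text.splitlines()) if r]
    counts = Counter(r["category"] for r in records)
    blocked_by = sorted(
        {(r["host"], r["ip"]) for r in records if r["category"] == "ip_reputation"}
    )
    return counts, blocked_by


if __name__ == "__main__":
    counts, blocked_by = summarize(SAMPLE_LOG)
    for category, n in sorted(counts.items()):
        print(f"{category}: {n}")
    for host, ip in blocked_by:
        print(f"rejecting on IP reputation: {host} [{ip}]")
```

The hosts in the `ip_reputation` bucket are the ones where retrying from the queue will not help, since the rejection is permanent and tied to the sending address.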

In which cPanel and CentOS actually, uh, kind of do what they should?

I’m still trying to figure out if it’s just because somebody decided to smack me in the head a little too hard, or I woke up in an alternate reality at some point, or what. But an interestingly weird thing happened over the course of the last couple days. I asked cPanel and CentOS very nicely to do something for little innocent old me, and the server didn’t actually catch fire.

A little background, for those of you who may be almost as sadistic as me. Installing Icecast on a CPanel server, any version, any time, used to be a right royal bitch. Compile the thing from source, curse as it spits out 80 million missing dependencies, compile those dependencies from source, curse as it still can’t find them–by the way, /usr/local/lib64 being in root’s environment path apparently does not help when the configure script is freaking braindead, then spend the next 5-10 minutes tracking down all those dependencies, finding the exact shared object the configure script wants to reference, then symlink the whole damn batch to a directory wherein the damn script wouldn’t bitch. If I didn’t occasionally *use* Icecast, just setting up the dependency structure for the compile process would warrant hourly billing for the poor bastard who asked for it. But since I do, and hey, it was an excuse to flex muscles I haven’t needed to flex since the last time I smashed Gentoo, I figured oh what the hell. So Icecast existed, compiled from source, dependencies and all. And I kept 80 million notes for the next time, just in case. And then the wickedest weirdest awesomest thing happened.

I’m not sure if it’s a CentOS 6 thing, or the version of CPanel I’m running, or hell, maybe the OS devs just finally decided let’s update a bunch of packages that we haven’t actually updated in at least a year and a half (Did I mention I hate binary OS’s for that?). But on a random thinggy, I thought hey, let’s run a theory. They’ve had time to fix their shit, and they’re not Debian, so maybe. So I skip the tracking down of my usual source dependency packages, and go straight to the configure process. It falls on the floor. Apparently, the server has ogg-vorbis support (hey, that’s an improvement right there), but it’s 0.6.x. Awesome. Wicked. Nifty. Cool. But Icecast wants 1.x. Well fuck me running. So I’m all ready to go tarball hunting. I’ve got links, I’ve got references to other links, I’ve got ice cold (no, literally ice cold) caffeine, bring it, bitch. I do the usual dance. Make sure my links haven’t broken in a year and a half, make sure nothing was unexpectedly updated and I need to do something slightly different this time around, and I find something so new it still has that new geek smell. Where before, the CentOS package manager absolutely hated to do anything remotely involving Icecast and its dependencies, this time, I was fed exactly the command I needed, in exactly the format I expected, that I’m pretty sure I tried a year and a half ago that made just about everything fall down around my ears. But, hey. Maybe. I didn’t find this in Google last time I looked, so maybe. It would certainly make me less dependent on vodka, if nothing else. So I do the do, and suddenly, I’ve got updated libraries the configure script likes, and a couple packages I’m pretty sure the box I set this all up from via source last year is still missing. And because CentOS did whatever CentOS does with it, the configure script *should*, God willing, find the damn things without me needing to perform minor surgery.
So I run it, kick back, and hope the booze store’s still open just in case this thing blows up–it wasn’t, by the way. And the thing not only compiles, but compiles like a dream. Thing threw less warnings on this box than it did last year.

I nearly fainted. CPanel doing what I say is a rare occurrence when it comes to actual, significant admin things. CentOS doing what I say is even more rare, for anything, administrative or not. Both of them cooperating on the same task, at the same time, and neither’s arm needing to be twisted? That alternate universe theory sounds better and better all the time. And then I go and install something like Logwatch (believe it or not, the server was not handed to me with that installed), and I run smack into CPanel’s damned yum.conf exclude line. Okay, right universe. CPanel just wanted to mess with my head. Did I mention I hate it when CPanel wants to mess with my head?

I vacate Ottawa. Which means: welcome back, TekSavvy.

A long long time ago, in a galaxy far away, I gave Bell Canada (at the time called Sympatico) the middle finger. Their service sucked royally, every second or third month was a new conversation with the folks what lost my payments, and they just couldn’t seem to convince me not to drink. I still won’t touch Bell, but that’s largely now because the service I can get here–which I’d *love* to get here, by the way–is in fact not available where I’m running to. So it’s off to TekSavvy for a second go round, and the same service I can get through Bell–minus the supremely ridiculous bandwidth caps. TekSavvy said the magic word–for those keeping score, it’s “unlimited”, and Bell still can’t quite figure out where exactly Pembroke/Petawawa is on the map. So when I get myself settled, somebody goes back to DSL. Hey, it’s a downgrade, but it’s interwebs. And it’s unlimited. Even Rogers could learn a thing or three about that.

Related: Are DSL routers still insanely cheap? Just in case the one I retired a year ago did, in fact, retire…

So I mentioned we moved servers.

Here’s where I get geeky again. Sorry. Okay maybe not *sorry*, but uh… I’m something, anyway. So what did I go and break this month? Nothing that can’t be fixed with a tiny bit of vodka and a whole lot of miracle. I spent some time over at Iweb, with one of their smart servers. Good for the buck, but a tiny bit too much buck.

It took some negotiating to get it to where we thought we’d do something useful with it. On that server, we somehow got away with 12 GB of RAM, 2 500 GB hard drives originally configured as RAID1 (yeah, that lasted not even 12 hours), and a halfway decent processor. That was good for about a year or so. But I started wondering. We host things for other people. Us, not the datacenter. The datacenter just charges us for the privilege. Something goes sideways, uh, hey genius? The folks what sometimes pay you can’t actually tell you something’s gone smash if your crap’s on the server that went smash. Now, okay, admittedly depending on what exactly went smash we’d already know, what with us being on the same server, but that still made not a whole lot of sense.

So I grabbed WTN, all nearly 50 GB of WTN, and threw it at a server I picked up at end of last month through Interserver. Not as much bang in the processor or RAM department, but it makes up for it with diskspace. We get 2 GB of RAM with this one, a slightly better processor than Iweb, and 1.8 TB of disk for a fair bit less in the dollars department. I wouldn’t throw the entire drive full of hosted other people’s data over here–that’d probably kill the server on a busy day, but it works for the sites I’ve tossed over here. And the move gave me a bit of room to go bug squishing. Which, uh, reminds me–you might not have been quite so easily able to actually reach the site for a couple days last week. Oops. Upgrading software kind of broke a bit of PHP. Those bugs have been squished. I uh, think.

So now, we have us what we call a sandbox. Where I can get moderately breaky smashy with and not have to much more than nuke a couple sites that don’t make money. Mind you, this may or may not be somewhat countered by backup, duplicate and recover skillz of madness. But quite potentially maybe. And this means at the very least, I’ll have more flexibility to write about how I very nearly broke, then fixed, then accidentally demolished the server. And see? No innocent customers were nuked in this experiment. We kind of save those for next time.

Knighthood ain’t what it used to be.

Apparently all it takes to become a knight these days is being partly responsible for Apple’s mammoth crushing of just about anything that competes with it–whether it’s deserved or not. The guy who was behind the original design of the original iPhone, iPod and iPad has officially been knighted. For uh, being responsible for Apple’s mammoth crushing of pretty much everything that competes with it. Is now a bad time to say I’m contemplating what will be the eventual replacement for the iPhone I didn’t really want?

This has “In Death” series written all over it.

Everything’s cool in science fiction. Cars can drive themselves, a phone without video is considered what the Nokia 6682 is in today’s cell phone market, everything electronic is also voice activated, and if you read the “In Death” series by J.D. Robb, handguns are banned except in cases where they’re collectors’ items. Whether we want to admit it or not, more and more of science fiction’s staples are showing up in today’s world–so much for us not having an informed culture. This idea looks like it came straight out of the “In Death” series.

Tobacco kills people. Everyone knows this. So to try and combat that, a company has come up with an electronic cigarette idea (disclosure: I support this article’s political position, even though I 1: don’t smoke and 2: didn’t link it for its political viewpoints). In the series in question, tobacco is either banned or very hard to come by–the author doesn’t actually specify which one it is, but unless you’re among the rich crowds, you probably don’t have access to it in any case. Instead, people are doing, well, exactly what this article describes.

To the uninitiated, walking into this suburban Toronto bar must look like a throwback to the 1980s. A cloud of what appears to be smoke can be seen hovering over a group at the far end of the establishment. But a quick check of the sense confirms that looks can be deceiving.

The air is fresh, lacking the pungent aroma of burning tobacco; the eyes aren’t watering with the sting of fresh smoke seeping into the sockets; and instead of ash trays and cigarette packs, the tables are full of small bottles of liquid and other pieces of equipment. On this night, a group of Toronto-area electronic cigarette, or e-cigarette, enthusiasts are getting together for their monthly meet-up.

Wouldn’t you know, science fiction does serve a purpose. How many more steps now before smokers get to freely comply with another of my political viewpoints–smoke all you want, but keep it to yourself. Oh well, the idea’s still interesting. And that it looks like it came right out of the only actual series I’ve managed to read through and not completely lose my mind makes it both interesting and amusing. Hell, why not? Let’s see where this thing goes.

In which WordPress changes their API, busts a couple features. Oopsies.

This site has comments by email. This site also has posts by email, should you be sadistic enough to subscribe to it–hey, a couple of you have, so it’s relevant. Or it did, until approximately 2 hours ago. You see, WordPress released a slightly newish version of their software last month, and one or two of the things that get some fairly regular use over here I don’t think were expecting that just yet. So they’ve kind of gone, um, squishy. I get to go digging through code later, but here’s a thing to keep a hold of–all your info has stayed put. If you subscribed to get comments to an entry by email, you’ll get comments to an entry by email–just not immediately right now, and unfortunately not retroactively either. Although, now that I think of it, your mailboxes might just thank you for that. Same goes for posts by email–although those, at least, you’ll get retroactively (don’t worry, I have sane limits on the amount of email this thing sends). The features still exist, they’re just somewhat temporarily broken. Stick around, though–I’m not done twisting things into knots just yet. One of those knots might just fix themselves.

#TCNo

As anyone who’s anyone on Twitter knows, just about any and every link you throw on the site now, including links to posts on this site, gets automatically wrapped in their t.co shortener–yes, even if the link’s already been shortened. They announced the rollout in June, and as of yesterday or the day before, have made it pretty much automatic and global. While some clients have developed workarounds, most of them get to put up with automatic URL shortening. Which, yes, is wonderful and great and convenient in theory. Except for one very minor little catch. Links, particularly links posted from this site and others like it, are already shortened through Bitly–we used TinyURL before that. In 99.999% of cases, they’re already small enough to fit inside their 140-character limit. Shortening them again just seems kind of like a waste of resources, really. And yet, there’s no real way to turn off the service on your account–meaning, unless you’re using a client or service who’s already coded a way around t.co, which most apparently haven’t yet, your shortened link is shortened yet again–often to no real benefit (19 character URLs versus 20? Really?). T.co is awesome, in theory. In practice? T.CNo. Just sayin’.

Shaw pulls a Rogers, doesn’t get nearly the same attention.

Remember when Rogers first started screwing around with bandwidth restrictions, then proceeded to launch their own online on-demand video service and, essentially, flipping customers off with it by not exempting it from existing bandwidth caps? Yeah, I figured you would. If not, refresh thyself. Then, read this. Clearly, it’s monkey see, monkey do in the Canadian telecom industry–and, clearly, Shaw has very good eyesight. Again, reread that first link. Except, replace Rogers with Shaw. Where’s the CRTC on this, again? Oh, that’s right–they’re just now getting around to calling bullshit on Bell, 3 years later. Well, I tried. Now, back to pirating CSI.

Verizon breaks your phone, charges $20 extra to fix it.

Just when you think “Hey, a feature I can actually find a use for”, your local phone company thinks “Hey, a feature I can find a price for”. Latest example? Verizon. Certain Android phones sold by the company come with the ability to be used as a wireless hotspot, not unlike the iPhone on any company that doesn’t try and milk you out of every spare dime you can find–hi, Telus, nice to see you. Until recently, those phones could be used in that fashion easily, and freely–allowing you to take advantage of your cellular data connection using your laptop, should you have no access to a traditional wi-fi connection and need to make use of your computer for something net-ish. Fast forward to earlier this week. Verizon pushed out an update to those particular phones, effectively disabling that feature. Their reasoning? Now, it costs extra. Google’s apparently helping them with this, having agreed to remove apps from the Android Market that might make it easier to work around the partial bricking. You don’t actually own your phone. It’s a rental–a very expensive, non-returnable rental. You can thank Verizon for the reminder.

In which WordPress and my server conspire to psych me out.

I’ve been making a fair few changes to things on this end lately. Mostly changes aimed at preventing things from falling flat on their faces. For the past few days, though, it’s been looking mostly like things were falling all over the place anyway. It started with my finally ditching Feedburner, while at the same time playing with the latest new addition to this blog’s feature set–you’ll find it at the end of this post. Multiple issues decided it’d be fun to crop up right around then. This blog’s RSS feeds, temporarily, did the awesomest impression of a corpse, with a path that used to be acceptable to get to the feeds in question deciding to pick around then to, well, fall flat on its face. Or so I thought. On top of that, the server was quite running away with memory usage around the same time–to the tune of over 2 gigs of reserved memory last night, for what should be at most maybe 3 quarters of a gig at peak times. Nifty. Except not. I managed to track down the memory leak to my first attempt at introducing the feature you’ll find at the end of this post, after a couple days of troubleshooting. It’s since been shot in the face. But the other issue? That was the fun one. And by fun, I mean so stupidly simple I could only have figured it out after a couple beers. Fortunately, I’d had 5 tonight so was in good shape. The RSS feeds, as it turned out, weren’t quite as broken as I’d thought. WordPress just temporarily decided to forget what it was supposed to do with them. A stupid setting on the admin side of the software developed temporary amnesia and needed to be reminded how things were supposed to look. And then reminded again, because it didn’t save the first time. Thanks, WordPress. No, really. Thanks. My technology has been conspiring to psych me out. And it damn near worked. Now, to go attempt this whole sleep thing, then try and figure out what the hell caused *this* spike in memory usage.
More mockery tomorrow–I’ve built up quite a bit since things started conspiring. You’ll get to read it when I’m not halfway to Zombie City. Well, okay, if I remember.

European politicians join the wi-fi is evil camp. Go Europe!

I may or may not have made reference before to folks who get it in their heads that wi-fi has this issue wherein it’s exceedingly damaging in some way, shape or form. I may or may not have indicated that camp gets its ideas from the most ridiculous of sources–like, for instance, children developing mysterious symptoms of illness while at school, and feeling perfectly fine on weekends. Now, I catch wind of word coming out of Europe that some politicians would like to see an end to wi-fi. For the children, of course. They base it off of some studies comparing wi-fi to such things as second-hand smoke. Really. I’m not creative enough to make that up. Sounds more like the biggest risk to our collective health at the moment are these politicians.

Fake hardware failures suck almost as bad as real ones.

Disclaimer: If you’re not of a technical mind, or things like hard drive failures make you run screaming in the other direction, you may want to skip this post. Just a friendly warning from your neighbourhood undercaffeinated geek. Particularly when the fake ones in question leave not just you, but your equally technically inclined roommate, staring at the computer as though it’s just sprouted its very own artificial-ish intelligence.

Take this weekend, for instance. I’m minding my own on a Friday evening, trying to invent the best and least hair-pulling way to introduce updates by email–and comments, by the way, not just replies–to the blog, when the desktop decides to throw not one, or two, or three, but nearly a dozen warning and critical error messages at my face. Everything from hard drive failures to RAM usage being critically high, to flat out memory failures. Now, keep in mind, this machine’s nearly 4 years old and just had its wireless card replaced–twice, mind you, so one or two failures of that nature wouldn’t be beyond the realm of possibility. So I’m going through the usual diagnostic steps, doing what you do when you’re under the distinct impression your primary machine’s about 30 seconds from going flatline and you’ve got absolutely no spare parts kicking around, when this innocent enough looking “Windows XP Recovery” window crops up. It helpfully informs me that Windows is suffering damage possibly related to bad sectors on the drive. This alongside yet another of those dialogue boxes cropping up informing me one or more IDE/SATA drives are about ready to self-shoot.

By this point, I’m more than a little WTF-ing. I *just*, meaning less than a week ago, had a Dell tech out this way to replace the network card. Was I *really* going to have to have another one out to replace at least one failing drive and lord only knows what else? Not to mention the roommate just 48 hours prior to that got the pleasure of dealing with his very own failing hard drive and the replacement of same–in fact for much of Friday evening, while I was diagnosing, the running joke was that apparently hard drive failures had now become as airborne as your common virus. But I got curious. The only Windows XP recovery utilities, particularly utilities that bear that name, are usually found on the XP CD–and certainly don’t randomly show up when Windows is loaded, though sometimes I think that might be helpful. Enter that tiny little alarm going quietly off in the back of my head while I go hunting for my usual fix me tools.

I keep 3 tools on hand for incidents kinda like this one–one spyware scanner, one virus scanner, one nuke ‘em all tool. Because I was testing a theory, and if I was right it would at least manage to nail most of it, I loaded–and fired–the nuke ‘em all tool first. Sure enough, within about 2 minutes of the utility running, Windows XP Recovery took a hike. And so did its small army of warnings and alerts and whatever else managed to show up. Yay! I’m free! Except not quite. I nuked the majority of the infection, and probably caught the source, but there was still damage. Half my desktop was toast, and I’m pretty sure I was missing things out of my start menu on top of that. Nice. Wonderful. Nifty. Easily fixed.

I ran my other two tools, which took a little longer than I’d have liked to finish–but they finished and nothing broke, so I’m happy, and removed what I think might have been the last remains of the thing. Easily dealt with by a simple reboot. Now, there was just the issue of half my desktop and probably some of my start menu going completely snap all over the floor. Because I was sick and tired of fighting with it, a system restore took care of that–and then some. Yay, again. I took care of what I thought needed taking care of manually, then went on the hunt for info.

Apparently, the infection I just went around with is new. Extremely new. As in I’ve seen postings as early as May 13th, but no older so far. To the tune of every forum, blog, website etc I know to check has something on it. And still, it managed to sneak by my usually pretty solid defenses.

All told, I’d way rather have just had an actual hardware failure. Or several, to be completely honest. The fake ones were a bitch to knock out. Now, to find where I hid my emergency back-up material–just in case.

When is a router no longer a router? The sequel.

That didn’t take long. After just over a year of actual, constant usage, the router I ended up finally putting in service last February took that very short drive off the performance cliff. Or perhaps it was a long-ish one I just didn’t really pay attention to. The problem itself took the better part of 3 days to actually narrow down–initially, we blamed our ISP, but quickly discounted that in a matter of a few minutes. The modem was the next guilty party to be blamed–I’d had a small problem with this type of modem before, so it wasn’t about to surprise me if I’d be replacing that. A few tests and diagnostics later, nope, modem’s working perfectly fine. Well hell. I was hoping I wouldn’t need to invent money for replacement parts this quick. So now my sights are set entirely on the router. Yes, the router I’d just replaced already last February. We do our usual routine with all the computers in the house save one running wireless, because that’s just how we roll. Things should be flying both around the internal network and past it to the greater internet. Things didn’t end up getting out of first gear in most cases.

It made troubleshooting this issue even harder still, as the desktop I primarily use for 90% of my online work when I’m at home has been experiencing its own good attempts at dialup performance on the network. I was initially blaming the router, but during testing I was getting much better performance from the laptop than the desktop, both of which I was testing wirelessly. Yes, the laptop’s definitely a more powerful machine, but that has no bearing on internet speeds these days–a dual core processor should be running just as or nearly as fast on a network set up by an OCD geek as a machine running a core i5 or i7. Well, you’d think, anyway. Testing disproved that. So now, I have a theory. A dangerous thing in my hands, but you’ll have that. The mystery of the dying router was partially hidden, or at least masked, by the compounding suspected issue of the desktop’s card tanking in 18 different directions. Nifty, with the tiny exception of not entirely. Fortunately, or not depending on your perspective, that’s the easiest thing to replace–and the cheapest. It was also the first thing I got things moving in the direction of replacing–hi, Dell technical support. Time for you to actually work for me. Considering you’re working because I’m not, and all. So one phone call later, and yes it took giving out my former Dell employee ID, troubleshooting was bypassed and hello, replacement card under warranty.

So now, we have replaced the router. I am replacing the network card in the initial problem machine. The rest of the wireless equipment? Wayyy too new to be causing problems–unless someone really wants me questioning their competence. The only questionable piece of hardware that has yet to be gone over with a fine-toothed “don’t you dare fall over” comb is the modem. And honestly, it’s only a gigantic question mark over here because, er, one of those already blew up in my face. The unstable network should now, barring unforeseen small technological implosions, only be a myth in the house of geekery. And if it’s not, I know one ISP who’s going to get really, really tired of hearing from me. Mostly because I’m not looking forward to the next installment of “When is a router no longer a router?”.

Guest Post: Welcome to open communication, pizza pizza.

Blog author’s note: the below content is a guest contribution. Any responses will, if nothing goes and breaks, go directly to the post’s author and not to me. If you would like to contribute to the blog, contact me to discuss the possibility.
I love pizza, and hey, so does the owner of this here blog.
So niftily enough, pizza pizza, one of the major pizza places here in Canada, has an iphone app.
Nifty, I thought, and hey, it’s free. no complaints.
Um, except there was.
The accessibility of this app leaves a lot to be desired.
With a lot of patience, you can find, and by trial and error make voice over read things, and you can put together an order, if using specials, but attempt to design your own pizza? not so much.
Buttons don’t read, the process is not explained, in short, pizza pizza didn’t design this app with the voice over user in mind.
So, I sent the following short and simple message to their iphone feedback address.

From: Shane Davidson
Sent: Thursday, April 07, 2011 4:45 AM
To: iphone@pizzapizza.ca
Subject: iphone app feedback.

To Whom this may concern;
I am writing you as a blind iphone user, who uses voice over, the built in screen reader.
The app would be useful to myself, and other blind iphone users if you took the time to make it usable with voice over.
At this time, some of the app is accessible, but it has a long way to go before it can be successfully used to order and manage previous orders with your company.
I am happy to help test this app’s accessibility if your company is willing to build accessibility into the app so it works more flawlessly with voice over on the iphone, and other similar IDevices.
This is being posted as open communication on my own personal blog at

http://www.shaneD.net

and on another blog, welcome to knowwhere, that I help manage, at

http://www.the-jdh.com

so any response, or lack thereof, will be read by a lot of users, both sighted and blind alike.
Thank you for your time and attention to this issue.
Sincerely;
Shane Davidson

In short, let’s see if pizza pizza cares enough to come up with a response or a reworked app with voice over support, shall we?

I was not fooled yesterday, just scared to death. Twice.

I blame Slashdot, and them there folks what host this blog. The web host thought it would be fun to include as part of their blog posting prank a little thingy about the company being sold off, and their own control panel–which, by the way, could have benefitted from some of my caffeine this morning–being replaced by CPanel. That very nearly gave me a heart attack–until I remembered what day it was. Then I promptly did something I don’t do, like, ever–I thanked Christ and the chick who shot him out. I despise CPanel.

Slashdot, I think, wasn’t even trying this year. Their post, completely and entirely–I suspect purposely–unedited and otherwise not anywhere near the type of post I’d expect to see from Slashdot, made a big show of a whole bunch of Linux distributions, including Gentoo, merging. Yeah, I fell for it–for approximately .3 seconds. Though, admittedly, something like this would be nice if it were an actual serious thought. Too bad the leaders in those respective communities couldn’t manage to get along enough to make something like that work if they tried–which they probably never actually would. Different philosophies, and all. Kinda like me and Apple–more on that in another, later, caffeine-induced entry.

No one actually tried to pull one over on me yesterday. My blood pressure, though? May not be quite the same for a while…

Edit: I fail at HTML on laptop. Or typing on laptop, anyway.

Bell tries screw the consumer 2.0, Netflix points it out–again.

It’s no secret the CRTC has spent most of this year failing at this whole keeping the big 3 ISP’s in Canada at something vaguely resembling in line. They decided nearly two months ago that unlimited internet didn’t actually exist, and kind of stuck to that until essentially told not to be–Shane’s take on how that ended up playing out is over here. Then, they decided it might be in their best interest to put the idea up for a review and get back to it in 60 days. I thought they might take advantage of the election to change their mind again, but before they could, Bell Canada–one of the big 3 who’re sitting comfortable behind usage-based billing (UBB)–decided to get crafty.

Bell, in a submission to the CRTC yesterday, dropped its usage-based billing demands of the third-party ISP’s, one of which I’m currently a customer. Well, they sort of did. They replaced it with aggregated volume pricing (AVP), also known as UBB 2.0. Rather than charging ISP’s for what they’ve used after they’ve already used it, Bell is now looking at the possibility of having them purchase a certain amount of bandwidth from them, and god help them if they underestimate how much they’ll need. Yep, download cap 2.0, kids. Officially screwed? You betcha. And Netflix knows it. In direct response to the fact their Canadian branch is among those being targeted by these measures, Netflix Canada has officially lowered the quality of its video streaming service. Oh, yeah, and they kind of pointed out what I’ve been saying for at least the last month–the only ones benefitting from it are the big 3. Oh and, guess what? Here’s the kicker–Bell’s customers still get the pleasure of dealing with UBB while they slap us in the face with AVP. Forget officially screwed. We’re heading straight down the road to officially ripped the hell off.

We should not be allowed anywhere near anything technological. No, seriously.

The following things should, in fact, be restricted from both myself and Shane for the safety of the general public.

  • Any kind of network access whatsoever
  • Most forms of access to the internet, or at least the less legal portions of the internet
  • Any and all versions, local or otherwise, of dropbox–this includes, but is not limited to, the Dropbox website

The reasoning behind it? Uh. We’ve just managed to find a very interesting and quite creative way of putting any and all of the above to our advantage–in quite possibly the most dangerously lethal way possible. Also known as the absolute quickest way of getting material sent to multiple directions without causing mass amounts of headaches. Clearly, we absolutely must be stopped. For our own good.

PS: Sorry, Jessica. We’ve made your computer a casualty tonight. See? Told you it was dangerous.

If you must pay for stuff, pay Apple, says Apple.

Apple is not a fan of letting people do what they want with the hardware they purchased. That’s no huge secret. Now, they’re starting to become more like that with the software people purchase. The latest? In-app purchases may be on their way out. Apple is apparently looking at forcing all content purchases, IE: things you would normally buy directly from the app developer(s), through its own store. The solution? More money for Apple, less control for users/developers. The result? More people considering finding brand spanking new and interesting ways to unlock their hardware. Probably not what Apple was intending, but as the Techdirt article points out, it’s a real good way to piss people off and make them do exactly that. Way to be, Apple. I’ll just be sticking with my Nokia, now–at least until it self-bricks and I get to deal with Windows Phone 7. But that’s another entry. In the meantime, happy 89125435543 reasons to jailbreak your iThing, kids. Enjoy.

Old computer is old, and other assorted bits.

I’ve officially managed to date Jessica‘s computer. Its official age, as of right now, is older than dirt. Yesterday was an adventure in the upgrading of RAM. After finally figuring out this thing cannot keep its various peripherals attached while it’s being worked on, I got to playing around with a couple 1 GB sticks I punked from Kyle while I was over there. In so doing, I think I did both Jessica and him a favour. Before me, he wasn’t sure if one of his sticks went south on him. That took all of 10 seconds to determine for absolute sure–it’s toast. As for the other? It might as well have been, at least so far as I’m concerned. This machine just plain ain’t supporting. It’s DDR2 RAM, for starters, which apparently this motherboard predates by a couple years. Add to that, I think this thing only goes up to PC2700, which well, do they even make RAM that slow anymore? So that was a fun excuse to throw open the case.

Now, it’s off to a valentine’s get together with a few friends, one of the 80 million things I love about Rochester. Mockery? Snarkery? General geekery? Yeah that’s still coming. As for now? I see food in my near to immediate future. Catch you on the flip.

The CRTC snaps its fingers, and unlimited internet no longer exists.

I’m not one for capped internet connections. Never have been. Not even if I’m only checking email. I took full advantage of one ISP on my way out for reasons of capped bandwidth/traffic shaping policies–that they’re still continuing with, last I’d heard. I ripped into another for offering its own customers an on-demand streaming service a la Netflix and deciding hey, our internet customers don’t actually need a reason to use our service over torrents, so we’ll just count it against their bandwidth cap. I went at them again, this time for lowering their already ridiculously low caps in response to the launch of the offending Netflix in Canada. At the time, while none of the big 3 ISP’s (Rogers, Bell and Telus) were offering unlimited internet services, the smaller ISP’s (TekSavvy, Primus) were. And life was great. I ditched Bell for TekSavvy, who I ended up leaving for other reasons over 2 and a half years later–but that’s been beaten to death over here already, and avoided both issues. Bell decided not long after that that they didn’t much like us playing that game. So they whined to the CRTC. As did Rogers, as did Telus. Because, you know, competitive advantage in Canada just shouldn’t be allowed to exist. This past week, the CRTC agreed. Now, as of February first, even the smaller ISP’s are mandated to piss off their customers by charging them for any and all usage that takes you beyond 25 GB. After 25 GB, your options are to pay $x for every gig over that amount, or pay another price–usually only slightly less–for blocks of bandwidth, some companies (hello, TekSavvy) are calling it insurance, that you may or may not actually end up using for a month–more than likely, you’ll end up using.

As a general guide, let me let you in on a little hint as to just how ridiculously tiny 25 GB is. If you’re into the whole online gaming thing, even if it’s just one of those games you find on Facebook to kill half an hour on your coffee break, you can blow through 25 gigs easily in a month. If you’re doing anything more demanding than that, for example playing World of Warcraft, even if it’s not for very long at a stretch, 25 gigs goes by pretty quick. Get a lot of email? Use a fair bit of Twitter? Decide you want to install your favourite OS on a spare computer? Or virtually? Do pretty much anything that isn’t your typical half-hour of internet usage a day for checking email/paying bills? Your 25 gig cap waves goodbye in an awful goddamn hurry. Yep, you guessed it. Youtube, streaming music, random TWAudio or Q-audio things, they hurt too. And don’t even get me started on what any even moderate amount of file sharing of any kind, legal or otherwise, does to the bandwidth cap–which would be the entire reason for the cap in the first place.

The major players in the Canadian market have been calling the shots pretty much since the advent of the CRTC and the granting of regulatory authority to the CRTC over our portion of the internet. Bell, Rogers, Telus all started throttling traffic, manipulating things in such a way that traffic that fell into specific categories was slowed or otherwise given headaches–we call that throttling, or traffic shaping. The big push from the smaller ISP’s at that time was “we’d never do that to you!”. And, ironically, they were right–they usually never did. So shortly before I officially was to switch ISP’s from Bell to Teksavvy, Bell thought they’d extend a favour to the smaller ISP’s, and do the traffic shaping for them. Nice, no? Naturally, the CRTC was perfectly fine with it–prompting at least two complaints and a petition that didn’t actually end up getting a whole lot of anywhere. And voila, one third-party throttle, served monopolistically. It’s been that way essentially since. Same with the newest issue of usage-based billing.

Bell and Rogers began instituting, and later lowering–hence those first few links at the top of the entry–bandwidth caps. They started out mildly reasonable and didn’t hang around there long. Instead, prices went up, bandwidth went down, and–at least on DSL–speeds essentially stayed the same. Suddenly, we weren’t getting what we’d call our money’s worth. Once again, up comes the smaller ISP, this time with an unlimited bandwidth offering and a promise of “We wouldn’t do that to you!”. And, once again, they’re usually right–they, specifically, wouldn’t do that to their customers. And once again, Bell, Rogers and Telus, who the smaller ISP’s have little to no choice but deal with if they want to be able to offer internet service, volunteered to do them the favour of instituting bandwidth caps for them. And once again, they did it with the complete backing of the CRTC–poof, usage-based billing is born, the unlimited internet is dead. As before, there’s a mass amount of appeals underway to try and convince the CRTC to see reason, but so far, it hasn’t done much but take up space in the news. And once again, the CRTC is stuck in 1995 or 2000, in the land of the barely above 56k. And just like that, like the land of barely above 56k, the CRTC snaps its fingers and unlimited internet no longer exists. Now if we could just see *improvements* to our internet services come through as quickly as hindrances. Well, can’t have everything. At least someone’s seeing some quick progress.

In which ConfigServer quite possibly breaks WordPress. Oof.

I’ve been dabbling in the more involved server admin business for the past while. One of the things we’ve been experimenting with for the better part of a month is the firewall provided by ConfigServer. It’s halfway decent for what it does, as long as you’re not trying to do anything too involved–like, say, get certain functionality native to WordPress to actually, you know, work. Like, for example, trackback/pingback functionality. So, since we had absolutely nothing else planned whatsoever tonight–hi, oh my god cold, we figured we’d either fix CSF or break Shane‘s blog. Turns out we did neither.

According to ConfigServer’s software, which I have taken to not trusting after our most recent discovery, inbound traffic on all the ports we needed to be open was possible. As was outbound. Except for that tiny little part wherein it sort of wasn’t. That led to some pretty interesting problems in the neighbourhood of him actually being able to receive trackbacks/pingbacks. Since blogging in general, and WordPress in particular, is primarily focused on the whole community/conversation element of it all, that posed a very small problem. We fiddled off and on with it for a few weeks, and eventually for reasons of trying to scrape together a few dollars, we decided to start the process of migrating him away from that server and to my arrangement over here. After breaking things in that department in all kinds of new and interesting–not to mention very very creative–ways, we thought we’d play with seeing if that fixes the outstanding issue of tracking back. Hence, if you hadn’t figured it out, the test post from earlier. And wouldn’t you know, the damn thing up and proved us both idiots. First try, it did exactly what it was supposed to. The only *really* major difference? The server the problem blog’s on isn’t running ConfigServer’s firewall–and won’t be, if I can possibly get away with it. Aside from that? Same server configuration, more or less, with a few extra mostly irrelevant bells and whistles I don’t actually use but hey, they’re cool.

The moral of the story: If you’re running ConfigServer’s firewall, look for alternatives. If you’re not, keep it that way. It’s bad for you. Stay very, very far away from that program–particularly if you, or anyone you’re hosting/maintaining the server for, plans on running a WordPress blog. They just do not like each other and I think the relationship’s pretty irreparable. Now, the search begins for alternatives.
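The gap described above, where the firewall's configuration says a port is allowed but real traffic says otherwise, is something you can test for directly. The following is an added example, not code from this post or from ConfigServer: it assumes csf.conf-style `TCP_IN`/`TCP_OUT` lines, the sample port lists are constructed, and the function names are hypothetical.

```python
import re
import socket

# Constructed sample in the style of csf.conf; the port lists are illustrative only.
SAMPLE_CONF = '''
# Allow incoming TCP ports
TCP_IN = "22,80,443"
# Allow outgoing TCP ports
TCP_OUT = "80,443,30000:30002"
'''


def declared_ports(conf_text, key):
    """Return the set of ports listed for `key` (e.g. "TCP_OUT"), expanding a:b ranges."""
    match = re.search(r'^\s*%s\s*=\s*"([^"]*)"' % re.escape(key), conf_text, re.M)
    if not match:
        return set()
    ports = set()
    for item in match.group(1).split(","):
        item = item.strip()
        if not item:
            continue
        if ":" in item:
            low, high = (int(x) for x in item.split(":", 1))
            ports.update(range(low, high + 1))
        else:
            ports.add(int(item))
    return ports


def can_connect(host, port, timeout=2.0):
    """Attempt a real TCP handshake; True only if the connection completes."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def audit(conf_text, key, host, ports_to_test, timeout=2.0):
    """Compare what the config declares with what a connection attempt shows.

    `host` must be a machine known to be listening on every tested port,
    otherwise a refused connection says nothing about the firewall.
    Returns (port, declared_open, observed_open) for each disagreement.
    """
    declared = declared_ports(conf_text, key)
    mismatches = []
    for port in sorted(ports_to_test):
        is_declared = port in declared
        is_observed = can_connect(host, port, timeout)
        if is_declared != is_observed:
            mismatches.append((port, is_declared, is_observed))
    return mismatches


if __name__ == "__main__":
    # No network traffic here: just show what the sample config claims to allow.
    print("declared TCP_OUT:", sorted(declared_ports(SAMPLE_CONF, "TCP_OUT")))
```

For the outbound direction, run `audit` on the server against an outside host you control; for inbound, run it from outside against the server.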

The catholic school board’s IT department is *not* smarter than an 8th-grader.

From the department of IT Security 101, courtesy the Peterborough Catholic District School Board, comes this real life lesson of what happens when you don’t triple check your security. You end up hacked by one of your own students.

John Mackle, education director at the Peterborough Victoria Northumberland and Clarington Catholic District School Board, said the Grade 8 pupil at St. Anne’s School in Peterborough’s north end found his way — via his laptop, a piece of downloaded software and the board’s internal network — into a board file server containing provincewide test results.

“To be honest, I don’t know that he would have understood what he was seeing,” Mackle said.

“The information that he was able to see wouldn’t have made a lot of sense to him.”

Mackle said the incident occurred when the server in question, which isn’t located at the school, was turned back on after undergoing a service upgrade.

“We normally have two levels of security,” Mackle said. “In this case, level 1 was turned back on, but level 2 was not. This allowed the boy to gain access.”

Security for all servers has been upgraded in the wake of the incident, he added.

By “upgraded”, does he mean “reenabled”? And, really, just what kind of security do they over at the Peterborough school board consider to be level 1? Inquiring minds want to know. If the system was secured, the kid shouldn’t have been able to access it. On second thought, I’ve come to understand the school board’s definition of secured and the rest of the world’s definition are usually two pretty different things. If given enough time to work at it, most school board security systems–at least up here–could probably be compromised with a minimal amount of effort, if someone with a problem with that school or the board really wanted to.

Let this be a lesson for aspiring IT people. Secure your shit. Twice. And for the love of cheese, if you’ve got a system installed, triple check that it comes up when the server you’re trying to protect does. I should not have to point that out.


© 2006-2014 by me. All Rights Reserved. Failure to comply will be met with an angry stare. -- Copyright notice by Blog Copyright
