Archive for 2004

Against the Spammers – part 1

Do good – help kill a spammer today.

Recommended link-of-the-day : [ The Lad Vampire ]

The Lad Vampire specially targeted fake bank websites. They seems to be quite careful not to target an innocent victim, and they have actually shut down scammers’ websites.
And they already got many applause – from The Register, Computer Times, Monterey Herald, The New York Times, etc.

Funny links:
# A scammer got scammed and lost his gold
# 419eater.com is a website which, among others, get scammers to make silly photos of themselves, and then posted for the world to see.

I have a feeling this won’t be the last post on this topic, so see you soon.

note:
do NOT use the alternate SpamVampire (the one located at feedbackarchive.com). It seems that they’re not a very careful bunch, at least they’ve targeted one innocent victim (123count.com) – and one victim is one too many already.

1 Terabyte email

Hellacious Riders website is giving away 1 Terabyte email accounts.

Finally, an email account that’s bigger than the hard disks in my computer πŸ™‚ but I got a feeling that this offer won’t last forever.
So better get one while it’s still hot ?

WordPress’ spammers

Blogs have been under massive attack from spammers lately; I totally didn’t expect to have so many posts about this single topic in this blog.
But with Trencaspammer users as the last casualties, I think investing in a heavy spam defense – such as Spaminator or WP-AuthImage is actually now worth the trouble of installing them.

I’ve installed WP-AuthImage here and it seems to be working, and for a long time I hope.
But with the spammers continuing to attack our defenses, I think it’s time to fight back.
Read the rest of this entry »

The Quake

I’m at loss of words already on the tragedy that’s the quake in Indonesia – but there’s some more. Apprently, this quake may have been predicted as early as a year ago.

But the Indonesian government, of course, didn’t do anything about it.

It’s the little people that’s paying the price anyway, so the elites naturally can’t be bothered about it at all.

I feel very tired.

Gempa di Aceh

Pagi ini lihat berita BBC1, sedang heboh soal gempa dan tsunami di India. Huh ?

Wong gempanya di Aceh kok πŸ™ yang dibahas dan diperlihatkan malah India saja.

Kelihatannya Indonesia sebentar lagi bakalan hilang sekalian dari peta dunia..

Duh, Debian…

Debian security team meng-klaim bahwa package php4 di Woody tidak perlu di-patch – walaupun tim PHP telah mengrilis PHP versi 4.3.10.

Dan padahal tim phpBB sudah menyatakan bahwa dengan PHP versi sebelum 4.3.10, phpBB menjadi vulnerable lagi

Duh….. πŸ™ kelihatannya bakalan terpaksa pakai paket LAMP non-Woody nih πŸ™ tapi, kalau tambah banyak saja paket non-Woody di server saya, makin berkurang alasan untuk menggunakan Debian stable/Woody dong ?

Debian-administrator.org

Just a quick plug for this very nice website:
[ http://www.debian-administration.org/ ]

Hacker’s delight

A hacker’s story on dedication, with happy ending :

It’s midnight. I’ve been working sixteen hours a day, seven days a week. I’m not being paid. In fact, my project was canceled six months ago, so I’m evading security, sneaking into Apple Computer’s main offices in the heart of Silicon Valley, doing clandestine volunteer work for an eight-billion-dollar corporation.

Apparently, this graphing calculator quite successfully introduced kids & people to math, who wouldn’t otherwise.
Awesome. These are the kind of people I become jealous to.

Some excellent quotes:

the first 90 percent of the work is easy, the second 90 percent wears you down, and the last 90 percent – the attention to detail – makes a good product.

The secret to programming is not intelligence, though of course that helps. It is not hard work or experience, though they help, too. The secret to programming is having smart friends.

Sitting behind a one-way mirror, watching first-time users struggle with our software, reminded me that programmers are the least qualified people to design software for novices.

It shipped on more than twenty million machines. It never officially existed.

Too bad he failed on getting it into Microsoft Windows though. πŸ™‚

This where another fun started to begin – ripped straight from Kevin Mitnick’s book, someone pretended to be a troll, by pretending to know the security in Microsoft campus. A Microsoft employee took the bait πŸ˜€ but a kind soul let him know of his mistake (fun spoilers!!) πŸ˜€

Oh man… easily the best laugh I’ve had in weeks, that one.

Let’s taunt the Microsoft bashers

Itu adalah judul artikel yang ditulis oleh Rob Rosenberger.

Apa yang ditulisnya saya kira sebagian besar benar – jika pengguna Firefox / Thunderbird / Fedora / dll sudah menjadi mayoritas, maka para pembuat virus akan mulai mentargetkan mereka.
Namun, saya yakin mereka akan mengalami kesulitan untuk dapat mengakses komputer kita dengan leluasa — tetapi, bukannya mustahil.

Setelah sempat menjalankan server dengan sistim operasi OpenBSD, saya sadar bahwa masih banyak soal security yang perlu dibenahi pada berbagai software open source lainnya.
Dan bahkan OpenBSD pun masih bisa dijebol – misalnya, jika kita menjalankan phpBB versi lama di server tersebut.

Jadi solusi untuk keamanan komputer adalah perlindungan yang menyeluruh, titik.
Sehingga kalimat berikut ini dari penulis artikel tersebut sebetulnya tidak benar :

You can’t blame your security problems on the operating system you use, or on the email software you use, or on the browser you use.

Tentu saja bisa pak πŸ™‚ kalau tidak percaya, silahkan saja tanyakan kepada kawan-kawan yang sudah saya pasangi Firefox di komputernya.

Film Gimp / CinePaint

Menarik sekali – CinePaint adalah software image editing yang sudah bisa menyaingi Photoshop, untuk soal editing gambar. Wow…. tidak sangka akhirnya ada yang bisa menyaingi software kelas berat ini πŸ™‚

Lebih detilnya bisa [ dibaca di komentar ini ].

ck, ck….

Kebohongan aktivis gender NU dibongkar oleh forum kajian ilmiah NU Pasuruan

Kutipan:

Belum lama ini, (September 2004), Rabithatul Ma’ahid Islamiyah (RMI), Cabang Kabupaten Pasuruan, Jawa Timur, menerbitkan sebuah buku berjudul “Menguak Kebatilan dan Kebohongan Sekte FK3”. RMI adalah organisasi ikatan Pondok Pesantren di bawah Naungan Organisasi Nahdhatul Ulama (NU)

Telaah kritis para ulama Jawa Timur ini sungguh menyejukkan. Di tengah kegersangan situasi intelektual, mereka mau dan berani berbicara yang benar, mereka berani melawan arus besar, Gerakan yang mengatasnamakan kesetaraan gender, yang justru disebarkan oleh para elite NU sendiri. Apa yang mereka sebut sebagai “Sekte FK3” (Forum Kajian Kitab Kuning), yang melakukan tindakan kebatilan dan kebohongan, adalah orang-orang yang cukup terkenal di kalangan NU sendiri. Di situ ada nama Sinta Nuriyah Abdurrahman Wahid, Masdar F. Masudi, Husen Muhammad, Lies Marcus, dan sebagainya.

Selengkapnya bisa dibaca di:
hidayatullah.com/modules.php?name=News&file=article&sid=1482

Anti-spam (again) WordPress

Berhubung waktu yang terbatas, akhirnya diputuskan untuk menggunakan Trencaspammer disini.

Eh, jadinya malah makan waktu πŸ™ entah kenapa, walaupun kelihatan simple, Trencaspammer ngaco jalannya.

Pertama kali karena tidak ada support untuk lib GD di PHP – “apt-get install php4-gd”, lho kok masih gak jalan ? Ternyata harusnya “apt-get install php4-gd2” πŸ™‚ baru muncul deh captcha-nya.

Tapi kemudian ada keanehan berikutnya, jika kita masukkan kode yang benar di form comment, tetap saja dibilang salah (huh?)
Setelah men-debug beberapa lama dan kesimpulannya tetap sama, yaitu Trencaspammer “seharusnya” berjalan tanpa masalah, akhirnya menyerah.

Tapi jadinya malah makin penasaran dengan captcha, dan kemudian mencoba AuthImage

Kali ini langsung berjalan dengan mulus πŸ™‚ ya sudah, sementara ini dulu deh, hehe

note: AuthImage butuh lib GD dan FreeType — untuk di Debian, kelihatannya kedua-duanya sudah di-install ketika kita mengetikkan apt-get install php4-gd2, cukup menyenangkan.

WordPress bug ? link “Archives” tidak jalan

Blog ini di-setup dengan Permalink aktif, tapi link di menu “Archives” (di kalender dan nama-nama bulan, di sebelah kanan) pada tidak berjalan.

Ternyata, dari kode yang dibuat oleh WordPress untuk ditaruh di .htaccess ada yang kurang, yaitu :

RewriteRule ^archives/([0-9]{4})?-([0-9]{1,2})?-([0-9]{1,2})?/?$ /index.php?year=$1&monthnum=$2&day=$3 [QSA]

RewriteRule ^archives/([0-9]{4})?-([0-9]{1,2})?/?$ /index.php?year=$1&monthnum=$2 [QSA]

Sekarang link-link di “Archives” sudah berjalan sebagaimana mestinya.

phpBB worm *sigh*

First there were Brazilian criminals. Now a phpBB worm is on the wild, defacing any websites still running old version of phpBB.

Idban already showed a quick fix for this to be placed in .htaccess file.
Alternatively, if you have mod_security installed, you can put this instead :

SecFilter "^(.*)2esystem(.*)"

/etc/init.d/apache restart, and you’re set.

Links of the day

I wish I knew Xdebug when I was having problems with my PHP code a few weeks ago – with debugging client, it sure beats using echo πŸ™‚


I’m pretty scared using Windows nowadays, and here’s why.

I’ve had the luck of cleaning computers from CoolWebSearch, and let me tell you these things are damn close to impossible to get rid of.
Good thing CWS is still rather “harmless” – now imagine a keylogger as stealthy and deeply stuck as CWS; using Windows then could cause your bank / paypal account / etc to become empty mysteriously…


I’ve been rather dependent to Regex Coach when I need to create a regular expression.
But sometimes, some things are just too time consuming to be created from scratch. At these times, RegExpLib.com just may save your bottom from getting kicked by your boss.


Rsync on Windows

Previously, you need to install cygwin and then rsync, if you need to run rsync client from Windows. Unfortunately, it’s not exactly easy to use.

Thankfully, now you can use Sync2NAS instead. What’s more, it’s also has been developed with backing up user’s data in mind. Finally, it is an easy task to be done.

CRM software

Amazing – we have a CRM system similar to OpenCRX; but ours costed tens of thousands dollars, and it’s proprietary.

Of course, most of the time you’ll need to have it customized to your exact needs. In this case, you can get in touch with CRIXP. OpenCRX will be still free, while they provide you with the customization that you need.

Looks really sweet.
And talking about sweet, SugarCRM is another one that looks quite good as well.

Firefox is supporting Windows domination ?

Aaron said that making OpenOffice, Firefox, etc available on Windows is a mistake, because it helps people to stay on (using) Windows.

He missed one thing though – whether Joe Home User uses Windows or Linux is (in most cases) not his decision; it’s Dell/HP/Walmart/etc’s decision.

So, to gain the home user market, opensource community need to make Linux an offer that those company can’t refuse. We need to make them make Linux as their main OS in their computer – instead of Windows.

I think Linspire is doing a pretty good job in this regard. I hope others (Mandrake, RedHat, Ubuntu, etc) can follow their lead. Only then we’ll start seeing Linux making it to our homes.

In the meantime, do please keep making Firefox et al available for Windows users – let’s help enable them to use their own computer, without fear of problems due to sloppiness in Microsoft’s part.

Also I love seeing OpenOffice available on Windows – I can picture Ballmer screaming from the pain of losing the US$300+ per seat on Office license πŸ˜€ ho ho ho

Have a great holiday everyone !

The sky is falling !!

Just saw a news on BBC saying that UK economy is falling, blah blah… however, the main reason shocked me – the falling of house prices.

IMF and other “economy experts” are saying that because house price is falling rather significantly (for the first time in several years’ time, if I may add), the economy suffers.
With little people already having serious problem securing a home for their families, I’m seriously wondering whose economy is falling here !!

If increasing house price = good economy according to the “experts” — then I’ll say that if those experts undergoes lobotomy, it’ll be actually better for everyone concerned.

πŸ™ some seriously f*cked up thinking is going on here. I sincerely hope that I won’t be the only one noticing this.

Ways to spam

It enraged me to see how spammers are spamming blogs – comment spam, trackback spam, referral spam, or just overload your server.

And they’re eroding our defenses quite swiftly – comment preview no longer protects against spammer, and they can even beat CAPTCHA now.

As the case with email spam, I think combined defense would work best – something like CAPTCHA and RBL for blogs. Let’s see if such thing exist for WordPress.

Braindead coding

Being a newbie in Java, I thought it as a solid, foolproof language, which doesn’t break under newbie’s foolish coding style.

It seems that I’m wrong – there are ways to bog down Java app servers with stupid code.

Well, not too surprised though, I guess I just have seen too many example already of human stupidity overwhelming even the best computer systems out there.

            








SEObox: Web Hosting Murah Unlimited Komik Indonesia Homeschooling Indonesia