I forgot to write about the upcoming WYSIWYG web site editor BlueGriffon when I first heard about it (probably from Fredda) but I got reminded of it today. This is the announcement in Daniel Glazman’s blog (from 30 September):
In the beginning was Netscape Gold. Then Mozilla Composer. From the ashes of Netscape and the code of Mozilla Composer came Nvu. Nvu had a cousin, KompoZer. But all these tools now belong to History and are extinct or on path to extinction.
In the meantime, Mozilla brought Firefox to the masses and its rendering engine, Gecko, has the power to fuel a next-generation wysiwyg editor for the World Wide Web. This editor is BlueGriffon™. Stay tuned!
Programming bloggers Jeff Atwood (Coding Horror) and Joel Spolsky (Joel on Software) plan to use the stackoverflow.com domain to provide a competitor to experts-exchange. It sounds like a good idea. Unfortunately their podcast had weird noises when I played it (in XMMS on Sun Solaris 10 — don’t ask), so it was too annoying for me to listen to right now.
When I got to work and viewed this blog I noticed that Sidebar Widgets was disabled. I thought "That’s weird!"
When I tried to log in to the administration interface I was told that my WordPress database needed upgrading. I thought "That’s weird!"
Some further investigation revealed that someone managed to upload a PHP script called ro8kfbsmag.txt (MD5 sum df3b74cd38c717d9d7bbf0cd1910baa1) to my /tmp directory. It starts like this:
/*Magic Include Shell by Mag icq 884888*/
//TODO: ñëèòü ôàéëî íà ñâîé ôòï (!)
This gave me enough information to start googling. A must-read is Detailed Post-Mortem of a Website Hack Through WordPress & How To Protect Your WordPress Blog From Hacking, as it describes a very similar attack. There is also a support thread at wordpress.org: Weird and Dangerous : ro8kfbsmag.txt.
The attack vector on my server looked like this, originating from 188.8.131.52 with HTTP/1.0 as protocol version and "Opera" as User-Agent. I wish I logged POST data!
Needless to say, I have restored a backup and taken certain precautions to prevent this from happening again.
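The two indicators described in this post (the dropped file's MD5 and header comment, and requests sent as HTTP/1.0 with a bare "Opera" User-Agent) can be checked with a short triage script. This is an added example, not code from the original post; it assumes the Apache "combined" access log format, and the sample log lines are constructed.

```python
import hashlib
import os
import re

# Indicators quoted in the post: MD5 of ro8kfbsmag.txt and its header comment.
SHELL_MD5 = "df3b74cd38c717d9d7bbf0cd1910baa1"
SHELL_MARKER = b"Magic Include Shell"

# Assumption: Apache "combined" access log format (the post shows no log lines).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<path>\S+) '
    r'(?P<proto>HTTP/\d\.\d)" \d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"'
)

# Constructed sample lines (documentation addresses, not the real attack log).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2000:08:12:01 +0000] "GET / HTTP/1.1" 200 5120 "-" "Opera/9.52 (X11; Linux i686; U; en)"',
    '198.51.100.7 - - [01/Jan/2000:08:13:40 +0000] "POST /index.php HTTP/1.0" 200 312 "-" "Opera"',
    '192.0.2.33 - - [01/Jan/2000:08:15:02 +0000] "GET /feed/ HTTP/1.0" 200 9001 "-" "Wget/1.11"',
]

def suspicious_requests(lines):
    """Return requests that are HTTP/1.0 AND carry the bare User-Agent "Opera"."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        # A real Opera browser sends a versioned UA string, so the bare word is anomalous.
        if m and m["proto"] == "HTTP/1.0" and m["ua"] == "Opera":
            hits.append(m.groupdict())
    return hits

def find_dropped_shells(root):
    """Flag regular files under root matching the sample's MD5 or header marker."""
    findings = []
    for dirpath, _dirs, names in os.walk(root):
        for name in sorted(names):
            path = os.path.join(dirpath, name)
            md5, head = hashlib.md5(), b""
            try:
                if os.path.islink(path) or not os.path.isfile(path):
                    continue  # skip symlinks, FIFOs, sockets
                with open(path, "rb") as fh:
                    for chunk in iter(lambda: fh.read(65536), b""):
                        head = head or chunk[:4096]  # keep the first 4 KiB only
                        md5.update(chunk)
            except OSError:
                continue  # unreadable file: nothing to report
            reason = "md5" if md5.hexdigest() == SHELL_MD5 else "marker" if SHELL_MARKER in head else None
            if reason:
                findings.append((path, reason))
    return findings
```

The marker check catches re-uploaded copies whose hash differs from the sample, as long as the header comment is left in place.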
The peering has been back since Friday according to Telia and idg.se (1, 2), and it really seems to be working fine now!
Andi Gutmans (of PHP fame) has written a very interesting blog post about Java’s future on the web. The article is called Java is losing the battle for the modern Web. Can the JVM save the vendors? He gives some good arguments for using a LAMP stack for web applications.
One of the interesting quotes is:
Project Zero’s Chief Architect is one of the first IBMers to admit in public that Java today can be considered as a system language and is not desirable for building RESTful Web applications […]
This was apparently a bit out of context, according to the comment by Jason McGee, but fun to read nevertheless.
He makes a prediction, and it will be interesting to see whether it comes true:
It has taken over 10 years for the Java stronghold to admit Java’s poor ROI on the Web and with the current recession it is likely that many Java customers are going to be making more informed investments. As a result there will be considerable rise in uptake of dynamic languages.
Today I overcame my SSL certificate anguish. It used to be a bit of a mess to get it right, but it’s so simple on Ubuntu nowadays. Running the apache2-ssl-certificate command is almost all that is needed.
I noticed yesterday that I could not visit The Daily WTF or Podomatic. Today I started investigating and __henke__ in #data on irc.freenode.net told me that my ISP Telia and Cogent Communications had stopped peering.
Related links in approximately chronological order:
The networks affected are AS1299 (TeliaSonera International Carrier, TSIC) and AS174 (Cogent Communications).
Update: It seems like www.webservertalk.com is unreachable for the same reason.
Google has used Atom and the Atom Publishing Protocol (APP) as basis for its Google Data APIs (GData) for a while, and now Microsoft announced their support for Atom and APP. See also the InfoQ article.
My web server examines the referer to deny deep linking to images on my sites, so I get log messages about that. When I browsed the logs today a few of those log lines caught my eye. They looked like this:
client denied by server configuration: /directory/image, referer: junomsg://028985E8/
(I replaced the filesystem path to the image with /directory/image.)
What kind of protocol is junomsg? I did some research and it seems like this comes from the “Juno offline email client”. Someone probably received a link to my site by mail and the offline client seems to run in Internet Explorer. Case closed.
Swedish telecom operator TeliaSonera has introduced a mobile data service where you agree to view ads on every web site visited. This service is provided by a company called Novarra. The ads are part of the deal, so customers get what they pay (or rather don’t pay) for. It also seems that they filter other ads! The interesting thing is that major websites, primarily newspapers, don’t like to have their content modified or ads removed so they redirect Novarra-processed requests to surfclosed.wordpress.com. The Norwegian Mobiletech site has more information and screenshots in the article Transcoding issues introduced by Novarra. Their article was offline for a while, but now it’s back with a small addendum saying “We are experiencing a constructive dialogue with TeliaSonera.”