Hacked!

It seems this blog got hacked recently. A couple of posts had the following code inserted into them:

	 
/* <![CDATA[ */
var quicktagsL10n = {
	quickLinks: "(Quick Links)",
	wordLookup: "Enter a word to look up:",
	dictionaryLookup: "Dictionary lookup",
	lookup: "lookup",
	closeAllOpenTags: "Close all open tags",
	closeTags: "close<div style="display: none"><a href='http://buycheaplasixonline.org/' title='buy cheap lasix'>buy cheap lasix</a> tags",
	enterURL: "Enter the URL",
	enterImageURL: "Enter the URL of the image",
	enterImageDescription: "Enter a description of the image",
	fullscreen: "fullscreen",
	toggleFullscreen: "Toggle fullscreen mode"
};
try{convertEntities(quicktagsL10n);}catch(e){};
/* ]]> */
 
 
	 edToolbar() 
	 
...(post text)...
	 
	edCanvas = document.getElementById('content');

This was on WordPress 3.2.1. I’ve now updated to 3.5; hopefully this won’t recur, but it’s something to watch out for if you’re running blogs using older versions.
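To check the rest of a blog for the same kind of injection, here is an added example (not part of the original post or of WordPress) that scans post bodies for links sitting inside elements hidden with inline CSS, including an unclosed `<div>` like the one above. The post ids, sample text and the spam.example / example.org URLs are constructed; in practice the input would be an export of the posts' content.

```python
import re

# Opening tag whose inline style hides the element from the reader.
HIDDEN_OPEN = re.compile(
    r"<(?P<tag>[a-z][a-z0-9]*)\b[^>]*\bstyle\s*=\s*[\"'][^\"'>]*"
    r"(?:display\s*:\s*none|visibility\s*:\s*hidden)[^>]*>",
    re.I,
)
HREF = re.compile(r"<a\b[^>]*\bhref\s*=\s*[\"']([^\"']+)[\"']", re.I)


def find_hidden_links(html):
    """Return hrefs of links placed inside elements hidden by inline CSS."""
    found = []
    for m in HIDDEN_OPEN.finditer(html):
        # The hidden region runs to the matching close tag, or to the end of
        # the text when the injected tag is never closed (as in this post).
        close = re.compile(r"</%s\s*>" % re.escape(m.group("tag")), re.I)
        hit = close.search(html, m.end())
        end = hit.start() if hit else len(html)
        # Start at m.start() so a hidden <a> carrying its own href counts too.
        found += HREF.findall(html, m.start(), end)
    return list(dict.fromkeys(found))  # de-duplicate, keep order


def scan_posts(posts):
    """Map post id -> hidden hrefs, for posts that contain any."""
    report = {}
    for post_id, content in posts.items():
        links = find_hidden_links(content)
        if links:
            report[post_id] = links
    return report


# Constructed sample data: post 101 mimics the injected line shown above.
SAMPLE_POSTS = {
    101: '''closeAllOpenTags: "Close all open tags",
closeTags: "close<div style="display: none"><a href='http://spam.example/' title='spam'>spam</a> tags",
enterURL: "Enter the URL",
...(post text)...''',
    102: '<p>See the <a href="http://example.org/docs">docs</a>.</p>',
    103: '<div style="display:none">draft note</div> <a href="http://example.org/">home</a>',
}

if __name__ == "__main__":
    for post_id, links in scan_posts(SAMPLE_POSTS).items():
        print(post_id, links)
```

It works on the raw text rather than a parsed DOM, so it still finds markup buried inside a script string, at the cost of being a heuristic that only sees inline styles.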

Chasing a BSOD

I’m trying to nail down a repeated Blue Screen Of Death on one of my PCs. It’s only happened in the past week or so, on my 3ish year old HP a6760a desktop, in both Win7 32-bit (which I’m phasing out) and 64-bit (which I’m moving to).

The crashes seem to happen in a couple of places, but this one is typical (output of the dump file via NirSoft Blue Screen View, with a little re-arranging of its HTML output):

Dump File: 122912-22417-01.dmp
Crash Time: 29/12/2012 9:15:14 AM
Bug Check String: NTFS_FILE_SYSTEM
Bug Check Code: 0x00000024
Parameter 1: 00000000`001904fb
Parameter 2: fffff880`0a707068
Parameter 3: fffff880`0a7068c0
Parameter 4: fffff880`012ea820
Caused By Driver: Ntfs.sys
Caused By Address: Ntfs.sys+b7820
File Description:
Product Name:
Company:
File Version:
Processor: x64
Crash Address: ntoskrnl.exe+7efc0
Stack Address 1:
Stack Address 2:
Stack Address 3:
Computer Name:
Full Path: C:\Windows\Minidump\122912-22417-01.dmp
Processors Count: 2
Major Version: 15
Minor Version: 7601
Dump File Size: 291,720

I’ve tried ensuring all patches were in place; that didn’t help.

Then I tried rolling back using System Restore to before it was happening. That didn’t help either.

Now I’ve tried installing the latest BIOS patch, which HP does say can help with some Win7 BSODs (though not specifically what I’m getting).

So far so good, will see what happens from here.

Update 1/1/2013: Still getting crashes. Interestingly, most (possibly all) seem to occur when Chrome is running, and particularly on pages with Flash. I have removed Flash, but it seems Chrome has built-in Flash support. So… I’ve temporarily removed Chrome to see if it stops happening. (It was up to date: Version 23.0.1271.97 m).

Update 1/1/2013 10pm: Not sure that helped. I did do a full malware check using MSE, which found: OpenCandy adware — it reckoned it was in D:\Users\Daniel\Downloads\avc-free.exe — which I think is a free “Any Video Converter” product I was mucking about with recently (I don’t think it’s the one I settled on). It’s not clear to me that OpenCandy would be causing these crashes, especially as I don’t think it was even active. Have removed it anyway.

Update 2/1/2013 8pm: Well, this is entertaining. Still getting crashes, and now it’s not booting at all. In fact it’s not even getting to the BIOS startup screen. Obviously some serious hardware problem.

Update 2/1/2013 9:15pm: After trying many suggestions from the HP support web site, such as unplugging all devices and even disconnecting hard drives and removing RAM, no luck. The power goes on, the CPU and video fans spin, but no display at all, not even the customary single beep.

I’ve posted to the HP forum hoping someone there has some ideas.

news.com.au polls rigged

A news.com.au poll over whether “football” or “soccer” was a better name for the world game resulted in 2006 votes for each.

IT’S OFFICIAL. Australia is completely split down the middle on the issue of whether to call the world’s most popular sport “soccer” or “football”.

A News.com.au reader poll which has attracted 4,012 votes at the latest count reveals that exactly 2006 people voted for football, and 2006 for soccer.

What they apparently didn’t realise was that the poll was rigged. A user posted to Reddit that he had hacked the system and ensured this and other polls came out equal.

I actually wrote a program where for each option someone voted, my program would vote once for every other option, thus maintaining a deadlock.

Every now and then, they reported on poll results as if it were actual news. After emailing them alerting them to this, they are yet to retract any of their articles.

The whole saga was blogged here.

Just in case News remove the story above, here’s a screendump. — update Wednesday 8:50pm: it has now been removed.

news.com.au poll

Windows 8/Server 2012 new interface – is this progress?

Jakob Nielsen nails my concerns with Windows 8, specifically that the paradigm doesn't work on PCs:

On a regular PC, Windows 8 is Mr. Hyde: a monster that terrorizes poor office workers and strangles their productivity.

… (PCs) used to be Microsoft's core audience, and it has now thrown the old customer base under the bus by designing an operating system that removes a powerful PC's benefits in order to work better on smaller devices.

An example I'm finding trying to use Windows 2012 Server, which uses the same interface: the start menu isn't visible on the taskbar. You have to press the Windows key to get it. But this causes huge problems over Remote Desktop, which is how many servers are accessed. You have to specifically reconfigure Remote Desktop to do it, which then causes issues on your own desktop.

Windows Server 2012 - no Start button Windows Server 2012 - if you're lucky it will appear

The Start Menu does seem to appear if you mouse over the bottom left of the RDP window, but I haven't yet worked out precisely what you need to do. Hover? Click? Swipe? It just seems to pop up semi-randomly. If there's a better way of doing it, it's certainly not obvious.

In my book, this is not a usability improvement.

Upgrading Netgear Stora without data loss

Despite my expectations, I’ve managed to upgrade our NAS’s storage quickly, easily, and without losing a byte of data.

We have a Netgear Stora as our home NAS. We’ve been butting heads against the storage limit of the box, but I’ve always been careful not to populate the second drive bay; the last upgrade replaced the single 1TB drive with a single 2TB drive – 2TB was the cost/storage sweetspot. However, a couple of years on and it’s still the sweetspot, the largest drive capacity is only 3TB (I suspect due to the Thailand floods of 2011 – we’ve been stalled at this capacity for a while… which is a little misleading, but I’m not paying $550 for a 4TB drive when I can have 3TB for $150) and it seemed like it was time to exploit the second drive bay.

Researching online shows that the default configuration for a Stora is RAID 1, which is… not the default I’d have chosen. What we want is a JBOD array. I didn’t recall changing the configuration the last time we did an upgrade, so it’s a safe bet that we were still a RAID 1 setup. The documentation is clear that converting from RAID 1 to JBOD or vice versa requires a format of the media, so step 1 was to ensure our backup of the backup was up-to-date; that took overnight to complete, even with the 2TB USB3 drive that we picked up for only $99 from Officeworks (how are they able to sell a drive and enclosure for the same price as a cut-price parts supplier sells the naked drive?)

If anyone can explain why I was getting over 70MB/s to my external USB3 hard drive when I started, and a few hours later when I went to bed I was getting under 30MB/s, I’d love to hear it. It was a steady decline in I/O rate and I’m at a loss to explain it.

Anyway, with the backup completed, and verified, it was time to bite the bullet. For step 2 I powered down the NAS, extracted the existing drive from the NAS and put it aside, took our lying-around-spare 2TB drive and shoved that in its place and then restored power. I fired up the (Windows-based) Stora management software and connected to the Stora and it announced that there was some weird drive mounted, and what storage configuration did I want? Having picked JBOD, it then proceeded to format the drive.

Once the formatting was done, I proceeded to step 3. I powered the Stora down, inserted the original drive into the previously unused bay (the vertical orientation flipped relative to the other bay, which was surprising) and restored power. I fired up the (Windows-based) Stora management software and connected to the Stora and it announced that there was (again) some weird drive mounted, and what storage configuration did I want? Annoyed that it didn’t remember that I’d already picked JBOD, it then proceeded to format the drive, both as expected (per advice on the Internet) and as it had last time. There was a slow moving progress bar and everything.

Once that was all done, I got ready for step 4: restore the backup. I browsed to the mount, and discovered all the data was already there. Every last byte. The lying bastard of a thing had formatted nothing. The carefully prepared backup was not needed; I spent several long moments stunned, absolutely stunned.  I even ran a few checks to make sure I wasn’t being lied to, that the OS had cunningly cached the directory structure. But it was true; I could play media, read configuration files, the works. Free space was now reported as 2.2TB. I’d suspected there was a chance that this would work (JBOD shouldn’t require any special formatting, unlike RAID 0 and perhaps RAID 1), but still couldn’t believe it.

A technology upgrade worked, and contrary to advertised capabilities. Has this ever happened before?

Geeks rule the world

This warms the heart.

Here’s proof that geeks now rule the world: the USA election result shows the winner is the one with the better database. This fascinating article shows how the Obama campaign gathered and used demographic data — and how the Romney camp mis-stepped.

The Obama campaign had pulled off a trick political professionals normally fantasise about. Using some of the most sophisticated campaigning technology ever created, they reshaped the electorate to suit their candidate.

Victory for technology

Summer 2012/13 starts

Per today’s Melbourne Forecast, issued at 5:06 am EDT on Saturday 10 November 2012.

Forecast for the rest of Saturday
         Max 20 Partly cloudy.
Sunday 11 November
  Min  8 Max 26 Sunny.
Monday 12 November
  Min 17 Max 23 Shower or two developing.
Tuesday 13 November
  Min 11 Max 20 Partly cloudy.
Wednesday 14 November
  Min  8 Max 22 Partly cloudy.
Thursday 15 November
  Min 10 Max 22 Partly cloudy.
Friday 16 November
  Min 12 Max 22 Shower or two.

As such, I now declare it to be summertime (7 days in a row forecast to be 20+ degrees), and as such am shutting down the gas heater and opening up the cooling vents.

Converting .ts (DVB) to other formats (in Windows)

I’m always on the lookout for a better method of converting DVB (.ts) video streams to more useable formats.

This seems to do a decent job: Free Video Converter

— just beware of the installation questions; if you accept the defaults, it’ll install an unwanted toolbar, a doubtful driver optimiser, and an unneeded (in my case) plug-in for Firefox and Chrome.

Anybody got other suggestions, including for OSX?

Internet privacy: hard work, but doable

Ever since I came across browser fingerprinting, it’s been very hard to ignore that little voice in my head that tells me they’re out to get you. I routinely rock the Internet with JavaScript and Flash disabled thanks to NoScript and the similar NotScripts on Chrome, and have, in the past, been satisfied that these precautions were enough to stop the bad people on the Internet. If my browser was dumb, it couldn’t hurt me.

I routinely leave cookies enabled because they don’t present a system security threat. There are cross-site supercookies, but they’re implemented outside of the HTML cookie world — they’re done with Flash and JavaScript, so not so much of a problem with my configuration. In the future I’ll be disabling third-party cookies.

Disabling third-party cookies doesn’t do much good with browser fingerprinting. I hadn’t realised how unique my browsers are. So Firefox gets FireGloves, which will work even for pages where I’ve enabled JavaScript et al. FireGloves changes HTTP request headers so that instead of my system’s actual values, the most generic values found in the Internet are used instead; it can also cycle through them randomly.

Because of the interminable delay in page redirection on my grossly underspec’d netbook, I’ve added Don’t track me Google (which Chrome will download but then leads you to believe it won’t let you install, but if you click *->Tools->Extensions, then drag from the download bar onto the Extensions list will install just fine).

Because the Australian government seems increasingly intent to read my mail, I’ve gotten quite interested in preventing them doing so. Encrypted communications provide private browsing — what goes back and forth is a secret, but not who is having the conversation. The EFF’s HTTPS Everywhere (which works on Firefox, and kinda on Chrome) enforces a preference for SSL communications where available. However, in the real-world parallel to the electronic, that ensures that instead of my ISP being able to see me walk around the streets and then into glass-walled buildings, the buildings now become opaque. They still know what buildings I’ve walked into. The government wants to know what buildings I’ve walked into because… ummm… the building which has bomb-making instructions… we can prove… ummm… something. But now we’re safe! The ineptitude of the government’s censorship plans leaves me with no desire to allow random ISP and government employees to rifle through whatever-it-is-I-do-on-the-Internet whenever they feel like it.

As such, the next step is to start using an anonymising network; initially I2P seemed to be just the ticket. I2P is an unofficial top level domain, and under it you can find — amongst other things — eepsites, anonymously hosted web sites. Problem is, they serve HTML, and the pages could refer you off the .i2p TLD thus exposing your IP address (they might do this via a web-bug or something as innocuous as an externally hosted CSS file). I2P is primarily a darknet, not an anonymising proxy; it’s an internet that doesn’t play by the same rules, and the effect is that no-one on it can identify anyone else on it (with some demonstrated exceptions). The I2P network seems to be populated by scary people and paranoid people. By far the biggest problem is that I2P doesn’t work very well for surfing the Internet, due to its limited out-bound connection (outproxy) to the wider Internet. Given the http://i2p.to proxy allows viewing this darknet from outside, there’s not much point running I2P unless you want to anonymously publish information.
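The off-network reference problem described above can be checked for mechanically. This added example (not from the original post or the I2P project) lists the resources a saved eepsite page would make a browser fetch from outside the .i2p TLD; the page markup and the hosts site.i2p, other.i2p, cdn.example, tracker.example and clearnet.example are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Tag/attribute pairs a browser fetches by itself while rendering
# (not exhaustive: CSS url() and srcset are not covered here).
AUTO_LOADED = {
    ("img", "src"), ("script", "src"), ("link", "href"),
    ("iframe", "src"), ("embed", "src"), ("object", "data"),
    ("video", "src"), ("audio", "src"), ("source", "src"),
}


class OffNetworkAudit(HTMLParser):
    """Collects auto-loaded resources whose host is outside the .i2p TLD."""

    def __init__(self, base_url):
        super().__init__()
        self.base_url = base_url
        self.leaks = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if (tag, name) not in AUTO_LOADED or not value:
                continue
            # Resolve relative and protocol-relative (//host/...) references.
            url = urljoin(self.base_url, value.strip())
            parts = urlsplit(url)
            host = (parts.hostname or "").lower()
            if parts.scheme in ("http", "https") and not host.endswith(".i2p"):
                self.leaks.append((tag, url))


def off_network_resources(html, base_url):
    """Return (tag, absolute_url) pairs that would be fetched off the .i2p TLD."""
    audit = OffNetworkAudit(base_url)
    audit.feed(html)
    audit.close()
    return audit.leaks


# Constructed sample page: a remote stylesheet and a 1x1 web-bug among local files.
SAMPLE_PAGE = """<html><head>
<link rel="stylesheet" href="/local.css">
<link rel="stylesheet" href="//cdn.example/theme.css">
</head><body>
<img src="http://tracker.example/bug.gif" width="1" height="1">
<img src="logo.png">
<a href="http://clearnet.example/">visit</a>
<script src="http://other.i2p/lib.js"></script>
</body></html>"""

if __name__ == "__main__":
    for tag, url in off_network_resources(SAMPLE_PAGE, "http://site.i2p/"):
        print(tag, url)
```

The plain `<a>` link is deliberately not reported: it only leaves the network if the reader clicks it, whereas the stylesheet and the image are fetched as soon as the page renders.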

So while I2P isn’t enough on its own to hide your identity online, it isn’t really enough anyway. I don’t want to wander the darknet, I want to be out in the light of the Internet using my Cloak of Invisibility. This is where the only (non-VPN) game in town comes in, along with all its demonstrated weaknesses: Tor. The Tor network is accessed via the TorButton plugin.

When using TorButton, to minimize your risk profile you can’t run random crap on your browser — you’ve got to just browse. As such, the Tor developers recommend you use TorButton with a bunch of other tools (many of which I’ve already mentioned), which are all helpfully bundled up into the Tor Browser bundle, a secured version of Firefox — not a plugin — that uses the Tor network. They’re also very down on embedded environments like Flash, Silverlight, Quicktime, RealPlayer… you get the idea. In addition, those datafiles that carry active content — .DOC and .PDF — scare the willies out of them, and they want you to only open them once you’re disconnected from the Tor network.

In fact, they go so far as to recommend Tails running inside a VM, which means all your traffic goes via Tor.  That seems to be the optimal solution.

ePub html/xhtml (or chapter) upper file size limit is 300Kb

The size of individual html files — chapters — that make up an ePub should not exceed 300Kb, according to ePubPreFlight, and this thread. Presumably this is to deal with eReader limitations, which are unspecified.

(I’ve found tell that you shouldn’t make the html/xhtml files in your ePub eBook “too big”, but finding out what “too big” is seems to be hard. Now the Internet knows the maximum size, and you don’t have to know all the magic keywords.)

To use Windows "shutdown" or "psshutdown" remotely, turn off UAC

I was wrestling with trying to get shutdown or psshutdown to remotely shut down a Windows machine.

These instructions (for shutdown) seemed so straightforward: ensure the relevant service is running, that it has access through the Windows firewall, and that the calling username is aligned with one on the remote box that has permissions to shut down.

psshutdown avoids the latter point by letting you specify the username/password.

But everything I tried returned Access Denied.

The answer, it turns out, is to switch off UAC for that user on the remote box. Then it works:

psshutdown \\tintin -u daniel

PsShutdown v2.52 - Shutdown, logoff and power manage local and remote systems
Copyright (C) 1999-2006 Mark Russinovich
Sysinternals - www.sysinternals.com

Password:
TINTIN is scheduled to power off in 00:00:20.

Of course, UAC is there for a good reason. In this case I’m not too troubled because the box involved is one I’m going to decommission in the near future, but one would hope there’s a way of making this work with UAC still enabled.

Trouble moving iTunes from PC to Mac

I tried the other day to move my iTunes library from the PC to the Mac. I figured we might as well move everyone in the house’s iTunes libraries onto OSX and then avoid having to maintain multiple copies of the iTunes software on Windows.

From reading about it, it shouldn’t be too hard.

In theory you just ensure all the files are in the iTunes folder (by ensuring iTunes is set to organise it, and running a Consolidate files operation) then copy the folder across to the new computer’s iTunes folder and open iTunes there… plus authorise/de-authorise computers as appropriate.

Problem was once I’d moved the files across, iTunes on the Mac couldn’t find some of them:

iTunes library error

465-odd songs. It seemed to be primarily songs within compilations. They were all there on the hard disk, just not where OSX iTunes thought they should be. (Checking back on the PC, Windows iTunes was still happy.)

It would give me the option to find individual tracks, and then claim it could try and use that info to find others, but never seemed to be able to automatically find more of them by itself.

Where it was whole albums gone missing, I ended up removing them then adding them again.

Still about 90 lost which I may have to do individually… though I’m wondering if I should just remove everything from iTunes, then drag all the iTunes folders back into it to reload them from scratch… assuming it’s okay with folders and subfolders being added.