creeva

Originally published at Creeva's World 2.0. You can comment here or there.

One thing that always annoyed me about my photo gallery is that to leave a comment you had to login to flickr.   This is all fine and good, but I wanted a bit more of control over those comments instead of sending you to another site.   I finally found that I could “hack” the plugin I was using to use Disqus, the same commenting engine I’m using on the rest of the site.

Does this mean you will actually leave any comments?   I don’t think that will change too much, but the overhead and change was so small I had to do it.   So if there was any pictures in the album that you wanted to comment on, now is your chance.   Something small, but a new feature to end the week on.

Originally published at Creeva's World 2.0. You can comment here or there.

Image from here

Everyone else is writing about network neutrality today (here, here, and here), so I’m jumping on the bandwagon.   Actually I meant ot write this last night, so since I’m slow and lazy the others beat me to the punch.   Late last night I saw the first posts about Google’s MeasurementLabs sneak across the RSS feeds.  What the tools you can get from that web site do is find out if your ISP is doing any funny stuff to your internet data.

I highly recommend so they can get the broadest picture possible running these tools.   It makes you a good Internet neighbor.

Originally published at Creeva's World 2.0. You can comment here or there.

Image from here

Yesterday to help ease navigation around Creeva.com I consolidated my categories.   I went from over one hundred to just having twelve.   I used categories kind of like tags, but not really.  I was using them for specific organization methods, but over time that becomes unwieldy - especially when certain categories are not relevant or used any more.   So yesterday was a big consolidation that literally took hours.

One side effect I noticed that alot of old articles managed to get re-crossposted.   I’m not sure why  since nothing I did should have called that function in wordpress, but it did.   It honestly is as much of a pain for me the author as much as you the reader on this different sites.   Hopefully though you will find it easier to navigate different categories around the blog.   I also added a ton of tags yesterday so articles should link together better and keyword search should be stronger.

Originally published at Creeva's World 2.0. You can comment here or there.

Last Saturday morning my blog was down for the count.  I had received an email from Are My Sites Up stating that Creeva.com was down.   It told me that my blog went down late night on Friday.    I verified on Saturday that it was still down, and I had wanted to do some writing on it.  I waited.    I attempted to call tech support but after being the first caller inteh queu for over an hour I surrendered.  Saturday came and went and no blog.   Sunday morning site was still down.

I called into tech support again Sunday afternoon.   I was fifth in the queu and I was moving forward about 15 minutes at a time.  Either people ahead of me were getting help, or they were giving up like I did the day before.   I held on and finally managed to get through to a person.  Upon talking to the tech support I learned that my hosting server had moved.   Not only had it been moved, it was moved back in October.

I had known that they were going to move servers, but the e-mail announcing this stated that most people would not notice an changes.   What this says to me is that a new server will be put up with the same IP address with very little down time in the migration.    This however was not done, so all of my data was moved to a new server.    Since October I had been updating my information and blog on the old server.   When I managed to correct my DNS entries at my registrar, I discovered my blog was out of date since early November.   I was missing literally hundreds of articles once you take into account my lifestreaming posts that don’t make the front page or RSS feeds.   I was livid.

I called back and they stated they would get it synced back up off of the old server.   Ten hours later there was no change.     I waited until Monday when I knew there would be more then just support in the office.   Since I’m a reader of the Consumerist I followed on of their recommended ways of dealing with this is, I sent an executive e-mail carpret bomb here is what I wrote:

To Whom Can Help Me,

I have been a customer with AN Hosting (anhosting.com) a division of Midphase Hosting (midphase.com) since 12/24/07.   In October you were planning a server consolidation/migration plan (notice sent out is given below my e-mail (removed from blog article)) - which stated that some of our accounts would be migrated to new servers.   At that time I created an offline backup of my domain. Things went on working as they normally did until Friday night 1/16/09 7:15 PM.  At this time my site went offline.  This was verified by the service Are My Sites Up? (aremysitesup.com).   I was not aware and didn’t check my email to be informed about this until Saturday 1/17/09 early evening.   I called the support line and though I was the first customer in the queue I waited over an hour before I gave up.

On Sunday 1/18/09 I called in with my problem.  It seems my “free” domain was working properly - I don’t really use this site so I hadn’t checked it.   My add-on domains however were not working at all.   My main site which is an add-on site (creeva.com) was not working.   The technician stated that I had been moved to a new server and the old server was turned off, but my data should still be available.   My old server IP address was  [REDACTED], the new server you had migrated me to was  [REDACTED].   The technician on the phone stated that if anything was wrong with the site to call back and they could pull the back-ups off the old server.  I thanked the technician and got off the phone to start relocating my DNS and testing the site.

Before I migrated my DNS I adjusted the local host file on my computer to make sure everything was working on my main site.  Upon loading it and checking the entries it seems at the closest date I could pin down my latest blog entry was written at 11/10/07.   It’s hard to pin down since in October due to other concerns I had written and scheduled blog posts for most of the month of November and some going forward to early December.   The data may even be from October because I use these functions of wordpress.  I called back in to the support line and explained the issue and asked if I could get the backup loaded that he previously mentioned.

He opened a ticket for me and stated he would get this assigned.   In the ticket language he was vague - here is was he entered on my behalf:
Hi, I am having issues with my addon domain(creeva.com). My account was migrated
to another box. I am not able to view the latest version of my website, its
pointing back to November 10. I’ve been posting updates to my blog. Can you
please look into my account?

thank you

I’m not sure why it had to be opened under my name using the “I” reference - since the technician opened the ticket (ticket number  [REDACTED]).  I would think this is misleading to the technicians working on the case.   I checked out the language after I got the auto-email generated when the ticket is assigned to another technician.    I added the following entries after the auto reply to clarify the situation:
None of my add-on domains to my account are up to date - these have been
constantly updated through the last few months - yet under the current server
migration I was told I was migrated about 3 weeks ago.  So there would still
have been a discrepancy of a month during hte migration.

The migration letter stated that it would be seamless to the end user -
normally in most scenarios this would include making sure that the data was at
the latest possible and maintaining the same IP address - since I’m sure I am
not hte only customer that use another registrar.  If monitoring this was made
more apparent in the letter going out about the migration I’m sure this would
have saved the technical support some headaches.

I was finished some major changes on my add-on site creeva.com at about 4PM
1/16/09 - if a backup of the previous server ( [REDACTED]) can be found after
that time that would be terrific.  Is it Midphase’s policy to make backups
before taking a server offline?

Also wanted to ad - my blog at creeva.com may seem up to date more Nov. 10 - but
everything going through a publishing right now was written to publish at a
future (now past date) and the blog is catching up with it’s scheduled posts.
The current date of the latest post is not an accurate reflection of the latest
data from a back up - the bet I can ascertain the date was at least Nov. 10th
if not earlier.

A while later one of your technicians had checked on the issue and issued this reply:
Dear Brent,

We have investigated your issue. We could find that your account was migrated
from our old server  [REDACTED] to our brand new server  [REDACTED]. Please let me know if
you are using any ftp clients to upload the files. If so please use the details
that we have mentioned below to upload the files and update your website. Please
check the settings of your FTP client.

Server name : [REDACTED]
Server IP :  [REDACTED]
Username : [REDACTED]

We have also checked the blog site creeva.com and entered a post and the post
was successfully updated. We have attached 2 screenshots along with this mail
for your reference. Please check it.

Please let me know the exact issue regarding your subdomains. It seems that you
are uploading the new updates to our old server. So please use the above details
in your ftp client so as to upload the files to the new server.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Regards,
[REDACTED]
Technical Support Representative.
Hosting Services Inc.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Since he didn’t seem to understand what I was asking I reiterated my request - also notice in  [REDACTED]’s reply that he gave me a third IP address that I should be using:
I need the data off of  [REDACTED] - which is where my add-on host was before
yesterday - I wasn’t using an FTP client - I was directly entering the data via
the wordpress interface - I checked my e-mail  logs and at no time was I alerted
there was going to be a server move where I would have had to adjusted the IP
address records of my add-on domains, if I had received that I would have been
more pro-active and migrated the DNS earlier.

The problem is I need the lastest information from Friday off of the
[REDACTED]  - one of the advantages on your home page is the fact that you
do nightly back-ups - so the backups should still be available.

I’m missing approxiamately 200 posts on my blog - affiliates update
information, theme updates - and that’s just for one add-on domain.  I also
find it odd that you give me the IP address  [REDACTED] - earlier tech
support gave me   [REDACTED] - which restored my access to the site  - I added
the IP address you gave me and added it to my hosts file locally before I
updated my registrar - I was hoping it would give me a more up-to date version
of my blog - it didn’t and just delivered me to a CGI page and the site doesn’t
load at all.

The problem is not access - and I can re-adjust my own FTP software - my
problem is data -freshness

Can I please get my data restored from the old server?

While you stated that during the migration - “In most cases, the migration is completely seamless. We have brought in a team of experienced migration experts to ensure this effort is handled with the best of care. If you should have a problem relating to your site, please do not hesitate to contact us: support@anhosting.com. We have a team standing by 24/7 to help out!”  I question the migration experts that performed this migration.  Currently at my place of employment we are performing similar actions with our infrastructure - and there was more customer outreach then you have given.   Since you know what are add-on domains are are your servers - any customer with a third party registrar should have been alerted by e-mail that their DNS records would have had to be adjusted.

Further action should have been done to sites on the old servers that were still getting traffic.  Since my site was receiving regular and steady traffic that should have been a tip off to action by your IT personnel that the customer should be alerted to adjust their DNS records.   This is all a failing on your team of migration “experts” by things that could easy have been prevented by a little due diligence on their part.

The biggest coincidence is that over hte last week I’ve been in discussion with someone to move over to your service.  I also had planned on migrating one of the non-profit organizations ove to your service next year to a VPS plan when their contract runs up.  Currently in good faith I can’t advise this to either of those accounts.   This disruption and loss of data is just not acceptable when it could have been easily prevented by checking what was going on the old server before you took it offline.

I am merely asking to have my backups from  [REDACTED] restored to my account.   Is this possible or do I have to make some other plans?  I am also sending the Consumer Advocacy blog “The Consumerist” (consumerist.com) a copy of this e-mail.   While the migration diligence seems to be in error you can still correct this problem and an unhappy customer by performing adequate customer service.   One of your features of An Hosting that is touted on your site is ” Backup Storage -Nothing is more shocking and heartbreaking than losing ones data and hard work. We back up our servers nightly to ensure you always have ANHosting to depend on!”  I am solely asking for my data to be restored as close to 4PM 1/16/09 as possible and my faith that I can “always have ANHosting to depend on!”

I sent this e-mail out to the American general manager of the company, the consumerist, the European Executives, and support.   I received an e-mail from the general manager and he got a technician working on the issue right away.   The issue was resolved in a couple hours.   They pulled my data off the old server and synced it to the new one.   There was still some minor issues that I had to correct - wordpress needed to be re-upgraded, but all my SQL databases were up to date.   They also kept me informed during the whole migration.

I really wish I could have had that level of care taken of me on Sunday, or at least a time frame when the data could have been restored.    When they try to equate a blog with a normal static website, it just shows ignorance on their part.   It does show the problem I have with doing regular back-ups - which is in the architecture stages right now.    The only thing I ask of my hosting provider is to live up to the promises they have given me.   I don’t open tickets - really I’ve talked to them only about 3 times in the last year.   The first being a simple problem I had while waiting for my account to activate, the second inquiring about the share SSL certs, and the third this issue.    I’m glad even though I “yelled” across the Internet more then I should have, that they came through and everything is now working.

Originally published at Creeva's World 2.0. You can comment here or there.

Image from here

The other day I was browsing Craig’s List and noticed a listing for some free software.   It wasn’t anything I was interested in, but I did stop an think about it.   We talk about all the time about verifying where you download software from.   We hear all the time about pirated software that looks the same as legitimate software.     So why would you take free software from Craig’s List?

I guess this is just more an observation.  I’m just pointing out common sense that people should be thinking.  I’m just trying to point out that there is no such thing as a more trustable anonymous source.   It would be easy to compromise a computer by offering free software on Craig’s List and manipulating it before handing it out.

I’m not saying not to take - just think twice.

Originally published at Creeva's World 2.0. You can comment here or there.

Image from here

Google reader, I love you - I also hate you.    You are like a bad relationship that I can’t break.   You save me so much time on the web since I no longer have to jump from site to site.   You however do not give me any good reason to use you and save items.    You are a cruel mistress who mistreats me and wastes my time.   Here are things you need to work on.

The first and only thing you need to work is how saved “starred” items work within your interface.     I have been trying to clear out “starred” items since the list was getting unwieldy for me.  Let’s start off by how I use starred items.   I use it to save personally interesting stories that are not relevant enough for me to share the story.   They are also too mundane in most occasions to e-mail to myself.    Yes I know this is in essence using you as a bookmarking service - a service mind you that Google has not officially ventured into.  You are designed to display information rapidly from multiple sources and your saved items is really an after thought.    Or it it?

You attempted to rectify some of this with tagging, the first problem I have with tagging - is other then by using search I can not find a way to find the “folders” made by creating a tag.   It’s all fine and great that we can create tags, but if you can not quickly get to them, what is the point other then to give me hope.   Maybe I’m just retarded when it comes to tags, but tags do not answer the second problem I have, only the bookmarking aspect (and answers it extremely poorly).

The second thing I use you for is saving stories that I can come back and read later.   I get in on Monday morning and I have 367 unread items that have shown up since Sunday when I cleared them out.   I don’t have time to leisurely read the stories, instead I go through and star the ones I want to come back and read later.   By Friday I have over one thousand story I want to come back and read, but who has the time or effort.  The other day to get back to my oldest starred items it took me over 5 minutes of scrolling all the way down and waiting for you to load.   There has to be another way.

A few methods I came up to help the starred overload issue:

Saved feed items by date - if you could categorize items in folder by month/week/or even day that you starred them that would be fantastic and save on a hell of a lot of scrolling.

Starred item by feed it came from - by being able to filter our starred items by source feed would also be awesome.   This would allow me to quickly dig into the stories I want to read when I sit down.   Sometimes I don’t feel like going back to starred items from feeds 6, 5, 89, 90, etc. - when all I want to do is read stories from feed78.     There should be a simpler way to do this then forcing me to tag or search.  I can set up labels and see them on the left in Gmail, why is the reader data so different?

Well next week I plan to publish articles of some of the saved links I have saved by subject.   I’ve been working hard, but like they say you go two steps forward and you end three steps back.     We’ll see how it goes.

Love,

Creeva

Originally published at Creeva's World 2.0. You can comment here or there.

Picture from here

For all those Trekkies out there (or do you really prefer Trekkers?) Brent Spiner just joined Twitter today.  I looked at who he was following, and there we get Wil Wheaton and LeVar Burton.  So now you can get your Trek on with Twitter.   Go forth and follow - and while you are there you can give a little follow to me also.   Please let me know if you find any other Star Trek performers on twitter and I’ll update this post as necesssary.

Originally published at Creeva's World 2.0. You can comment here or there.

Image from here

I know I just gave a post on using creative commons based works, and about the problems of dealing with international public domain laws, but Youtube has cracked down on me.   Over the past few weeks I’ve been getting e-mails from youtube that say the following:

Subject: A copyright owner has claimed content in one of your videos

Video Disabled

A copyright owner has claimed it owns some or all of the audio content in your video [redacted]. The audio content identified in your video is [redacted]. We regret to inform you that your video has been blocked from playback due to a music rights issue.

Replace Your Audio with AudioSwap

Don’t worry, we have plenty of music available for your use. Please visit our AudioSwap library to learn how you can easily replace the audio in your video with any track from our growing library of fully licensed songs.

Other Options

If you think there’s been a mistake, or you have other questions, please visit the Copyright Notice page in your account.

Sincerely,
The YouTube Content Identification Team

Now in theory I could fight this, but I know I am in the wrong.  I had videos on my profile that did include copyrighted music.   For the most part they are not videos that I created, I was merely archiving them in a central location so people could find them.   All the videos that have been taken down are Machinima videos that were “filmed” in Star Wars Galaxies.  I can’t really take them up on the music swap suggestion, since the person that originally made the videos had a specific intent that went along with the chosen music.

This all goes into the idea of fair use and when is it ok to use something to create something else.   This argument is a bit out of scope for this post.   What I can say is all of these videos still exist online, archived in far off pages.   It is sad that they can’t be displayed to wider audiences since most of them do have true genius in their design.

I thought this apt to add before anyone thought I had a holier then thou attitude in anyway because of my recent conversations.   I knew the risks and issues involved with posting these pieces.   I never claimed any part of the work was mine, and the most important thing is - I knew where it stood in the grand scheme of things before I did it.   I’m not saying you will never run into a spot where you won’t ever use copyright material.   Just be aware of what you are doing if you do.

Originally published at Creeva's World 2.0. You can comment here or there.

On Friday Google rolled out a new favicon to the world. This news seems to be so powerful that it inspired a Slashdot thread with 183 comments and a story about this received 1451 Diggs at last count.  I however think just smacks of slow news day syndrome, but what can I say - I’m writing a useless story about how other people found a useless story interesting.   Maybe this will be the post that makes it to the front page of Digg.

BTW:

Google’s new favicon

That’s for those that have not gone to Google.com and seen the new favicon in the address bar.

Originally published at Creeva's World 2.0. You can comment here or there.

Recently I started contributing to the International Music Score Library Project and I’ve ran into a small snag.   Currently I’ve only uploaded two pieces ( I did say I was going to contribute more to the public domain going forward) and I received the following message the day after I uploaded the pieces:

Dear Creeva,

IMSLP is located in Canada and therefore operates under Canadian copyright law. A very important difference between Canada’s law and that of the USA is that the term is determined by the death date of the composer or author of the work in question (term is life-plus-50 years). I was able to find out that George Hendricks Rosenkrans died in 1955 and is therefore public domain in Canada. Gus W. Bernard is a different matter.

I was not able to find anything on the date of Gus W. Bernard, so I have to estimate his approximate lifetime. Please be advised that should info surface that he died later than 1959, the item you posted may well have to be deleted. Also, please try to include complete information on composers when you add a new name. You can often find out things quickly by means of a simple Google search.

Thanks,

[NAME REDACTED BY CREEVA]

Now I wrote yesterday that just because something is online it isn’t in the public domain.    Let’s look at the other side of the coin just because something is in the public domain, it doesn’t mean it is in the public domain.   In my normal mode of thinking, I think in US copyright law.     When we are dealing with other countries in our global economy and global communications infrastructure we need to be aware of their laws as well when interacting with other services.

Now the project above could get in trouble if the work is copyrighted in Canada and they display it.   I however uploaded it from the US so I broke no US law since both works were in the public domain here.   Did I break a Canadian law though?  I don’t know.   This is one of the problems when dealing with the public domain.   The question over the Canadian law comes to light when you consider while the service is in Canada, I physically performed the actions legally from a US computer.   Very fuzzy and gray in many aspects when you look at the big picture.

So when contributing ot the public domain - be aware where the servers are physically located in the world, be aware of the copywrite law in that physical location.   Now if only we could get a US Mirror to work off of for that project……..

Originally published at Creeva's World 2.0. You can comment here or there.

Image from here

While I don’t really blame NYPD from wanting to evolve and learn from other terrorists attacks, I think they are very short sighted in the idea of  blocking cell phone service in a terrorist attack.   I first read about this story on a Wired.com blog entry, I thought how asinine an idea just reading the headline.

The historical aspect where they are working form is the terrorist attacks in Mumbai that happened last month.   The terrorists used cell phone networks, GPS, and anonymous e-mail to coordinate their attacks.    The NYPD think that if they shut down cell phone coverage in the Big Apple terrorist cells  won’t be able to coordinate attacks in the big city.  There are a few things that they don’t seem to be aware of.   Terrorists are smart in most cases, citizens are ignorant.

We already saw in the Sept. 11th attacks the panic that is caused by the loss of cell  phone service.  If there is another large attack, normal people in NYC will panic, since the communication infrastructure was supposed to be strengthened post 9/11.  If they can’t reach their loved ones, if there isn’t a way to get news in and out, people will panic and make the problem larger then it would be otherwise.   This is just how the normal citizens would react, what about the terrorists.

Well this news has made it to the web, so terrorists can now plan for this eventuality.   They can now be ready to act if their cell phones are blacked out.  Also NYC is the land of open wi-fi hot spots.  Anyone with and sense could easily work with a wifi phone or a laptop and still have communication with one another.   So the next thing they would have to look at is blocking out cellular coverage and all internet access in and out of the city.   This is also if they are not coordinated ahead of time.   This is all a smoke screen to give teh police more power then is needed.

Remember -  “Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety.” ~ Ben Franklin

Originally published at Creeva's World 2.0. You can comment here or there.

The above picture has nothing to do with this article.

A few weeks ago I was having a discussion with one of my family members about web site design and blogging.   He stated that he was going to be starting some sort of manga/anime fan site based on a certain character.  I stated that he should be a bit wary about the images he used that he may have to worry about copyright issues since the images were trademarked and copyrighted.   Keep in mind this was the same brother that wanted to setup a website for a girl so you couldn’t download the images (and I called him out on the futile nature of that).    Kind of ironic when he wants to control it, he thinks one way - but when he wants to use it he thinks another.

Another family member piped in that they thought if it was online it was public domain and free to use.   Now I corrected them, but so everyone else knows - just because something is published online doesn’t mean it’s free to use.   When I don’t use my own pictures I always use creative common licensed images and put an attribution link beneath the image (sometimes I do use public domain images and don’t attribute).   I even had an online scuffle with someone who licensed her work via creative commons and didn’t know what it meant.

I gave my family the two minute off the top of the head review of current copyright law and how creator’s rights worked under our borked legal system.   Essentially if you are in the US anything made 1923 or earlier is free game - anything after that is the life of the creator plus seventy years.   Unless the page it’s on states otherwise you have to assume the work is copywritten.   Then we get into fair use, which is a whole other ball of wax entirely that I’m not going to touch right now.

Originally published at Creeva's World 2.0. You can comment here or there.

Image from here

I’m the crossposting whore - I write once and I have everything designed to publish everywhere (well at least when things aren’t broken like Ping.fm to Myspace blogs).   This however is not syncing, it’s distribution and publishing.     A true sync across all platforms would be amazing.

The example I would love is I make an edit to a blog post, then every place and profile that I’ve published that post on would update with no manual intervention.   Since I can’t do that, Creeva.com is considered my authorative location for all blog posts.  If I wanted to edit those other sites I would have to do each one manually.  Granted I’m sure without using syncing it saves on bandwidth.

Things that I can sync?   Well my contacts and calendars with Plaxo, but that kind of is just the tip of the iceberg.   My biggest issue write now is syncing Flickr photos to Facebook.  I am aware of Flickurbook, but this still uses your local machine - there is no reason this can’t be done “in the cloud”.    It’s all soooo sloooooow.   Seriously at the speed it moves I could just reupload all the pictures to Facebook faster then this thing goes.  It’s free, it’s the developers fault, it’s great what he did; but it’s not the solution I’m looking for.

Finally using my distribution chain I chase all over the web to answer comments.  I don’t mind doing that.   However, wouldn’t it be better if across all platforms and services these comments were kept in sync?   Then I could use the spam filters I wanted to from a central location.  I could reply to comments from a central location.

I’m just pipedreaming again…..

Originally published at Creeva's World 2.0. You can comment here or there.

Image from here

Every once in a while I get comments from SEO professionals that try to advise me on how to re-arrange ad placement.   They tell me I should put ads in the middle of the posts instead of at the end like I do.   Their theory is this would cause more people to actually click these ads.  There maybe some truth in that logic, I find the breaking up the text annoying that way.   I have it set up to work in a certain flow, this is my personal preference.

I could be writing sell out articles where I’m paid to review a product, but you don’t get paid by others if you are known for negative reviews.  So I don’t bother trying to get involved in that.   The biggest money loss I’m sure from an SEO stand point is that I cross post to other sites that do not show my advertising, and in some cases no advertising at all.   A free pass to read my articles without any pressure.   Hundreds of people I know on facebook and myspace read my articles for “free”.

So for those SEO’s that hate me and think about the money I waste - please don’t e-mail me to try to optimize my revenue.  I’ll handle it, or I’ll come to you when I decide otherwise.   This year I should make a profit even though I’m throwing money away.

Originally published at Creeva's World 2.0. You can comment here or there.

Image from here

I have a Palm T|X (well since my wife abandoned hers I have two).   I loved it.  It was useful.  It was helpful.   I even managed to get it online.   I moved on over to my Nokia N810 now though, and it does everything I used to use my TX for.   So does anyone have ideas on what I can do with the Palm without completely putting it out to pasture?

Originally published at Creeva's World 2.0. You can comment here or there.

Picture from here

A couple news sources are reporting today (here, here, and here) that the LA Times is suspending their program of using a wiki for editorials.   Now in a controlled environment like Wikipedia where they have the volunteers to handle un-authorized edits, wiki’s can be a great thing.   In the hands of exposing your edits to the audience of a major newspaper - I wouldn’t have gone that route.

What they were finding is that people would make their own slant on the editorials - such as changing the word abortion ot the word murder.  They also were inundated with spam and porn ads.   Sounds like they didn’t have the best idea on the onset of setting up a wiki or properly staffing what would be a high profile use of the technology.   This is technology that is meant to be changed and updated.   That ability alone has made some people suspect of Wikipedia.   Newspapers are dying out in America - but this example shows why such high profile companies can not hand the keys to the car to just everyone asking.   Citizen media has it’s place, but old media shouldn’t be attempting to tag it on without understanding hte consequences or the work involved in maintaining it.

I wonder if anyone got fired?

Originally published at Creeva's World 2.0. You can comment here or there.

The recent twitter phishing scam had non twitter users scratching their heads on why this service would be targeted for a phishing scam at all.. Most people view little or no monetary value to twitter accounts. For most people this may actually be true. For people like Scoble or companies that promote themselves over twitter, well the brand name damage caused by a hijacked twitter account could be quite costly.

One of my friends on twitter had a reply about this issue (I’m assuming the other person didn’t realize the long tail potential impact (yes I used the term long tail - get over it)). What I saw was this:

@jeremyasmus could be any number of reasons, spread malware, spam, get passwords, us humans tend to use the same password over and over.

This is the crux of the issue isn’t it? The problem isn’t average user with nine friends directly, it’s the large power users and the passwords for other services. Let’s look at each of these.

Let’s say you are Scoble and your account get’s hijacked. Scoble has a level of trust built from himself, he is known to get the inside scoop on information, people click his links. Scoble has over 47,000 followers. If his account was hijacked and ten percent clicked a link that was really a malware installer - that would be 4,700 people infected within a matter of minutes. I think however the number of Scoble followers would be much larger probable in the 50-60% range. For a malware distribution this is a great return for the time frame, with the added benefit that you may get some other high profile names in the attack.

The cost to deploy such an attack is extremely low - under ten dollars, while the net return would be a few thousand, potentially more. Since there is little risk to getting caught if you know what you are doing, you could make some decent money by exploiting this chain of trust that exists and is protected by a mere password.

Let’s look at the side of this coin, the normal user.  Adam Baldwin nailed it right on the head when he stated “us humans tend to use the same password over and over”. I know I do, though different level of things have different passwords - my banking account does not use the same username/password combination as my twitter account - neener/neener. It is however shared with some other web 2.0 services. Some other people may not be so diligent. This once again is a chain of trust issue. You are trusting the companies that you give your passwords to are truly them, so once your password is in the wild it’s exposed and all of your accounts are open to attack.

Let’s look at the information an attacker can get from you if they have your twitter password:

User Name - while by itself it’s exposing a little bit about your account and your password - the problem lies in having both bits of this information. That part should be blatantly obvious. The issue lies in the fact that most of us use the same username or “handle” across many sites on the web. Doing a Google search for “Creeva” yields over 46,000 hits. A lot of these hits are different services that I play with and over 90% of the hits link back directly to me in some fashion. Since most sites use you username as your login name, if I used the same password every single one of these services would be exposed if I fell for the twitter phising scam.

E-Mail Address - Yes though it maybe only a small amount these days, your e-mail address is still worth a few percentages of a penny to the spammer. This would get you on more mailing lists, and ones that would be quite hard to get off of. It is also normally used as a login name for service that do not use your handle. More accounts have now been exposed because of this. If your e-mail account passwords is the same as your twitter account (dumb mistake) everything about your online life, accounts, and transactions can now be exposed and utilized against you. Would you notice a gmail filter that someone setup to clone every incoming e-mail?

The other issue is even you do not have accounts that show up in a Google search they could use a service search engine such as Spokeo to find accounts even you may have forgotten about.

Mobile Phone Number - This probably would be one of the most annoying things, that your phone number has been exposed to the internet underground. Phone spam, call back charges; there are a few things they can do with this number. I do think this is small annoyance compared to loosing your email account.

Being a good security professional my recommendation is to use strong passwords that are unique to each service and are rotated regularly. I am also a realist and know that you won’t. This may be the time to start doing segmentation where different accounts do get different levels of passwords. This is what I do so if my twitter account was compromised only the services that I consider on par with Twitter security-wise was at risk. Lower level accounts would be safe and higher level accounts would be safe. I also think with the range of accounts, I could move faster then the phishers going through and knowing what to change faster then they could try all 46,000 sites. It’s a thought - now what are yours?

Originally published at Creeva's World 2.0. You can comment here or there.

Picture from here

Wired is reporting that Steve Job’s weight loss is due to a hormone issue.   Over the last week I’ve heard that Job’s  was going to be appointed by Obama.  I’ve heard Job’s was dead.  I’ve heard that apple won’t survive without him.   Really people, I appreciate what Job’s has done for the Industry.  I don’t care about breaking reports that the yogurt place he frequents has seen him recently.  I also think worrying about Job’s health is not a reason to sell your stock, since it would rebound even after his death.

/sigh

I’m into Mac rumors, but the this Job’s rumoring is just getting ridiculous.

Originally published at Creeva's World 2.0. You can comment here or there.

Picture from here

A few months ago my home server lost all of my MP3’s from a share.  I was freaking out thinking some process had magically deleted them.  Then I noticed the partition was missing.   I spent a few days banging my head against the wall trying to recover the data and nothing helped.   Since I’m a listener of Security Now, I attempted to use Spin Rite on the drive, even this didn’t help it.   I was freaking out.

I set aside the drive and re-addressed it yesterday.  A friend of mine had a copy of Partition Doctor 3.5 and we ran it against my drive.   In a matter of minutes we managed to get the drive back up and all of the MP3’s were there.   Neither my wife and I were too anxious to go through the 2-3 week ripping process we did last time when we re-ripped at a higher bit rate.

This is not a promotion, I get no money from the links you click, if however you do have an issue with a lost windows partition, try Partition Doctor’s demo version and it will show you if it can be recovered.

Originally published at Creeva's World 2.0. You can comment here or there.

I found the following video on Youtube.

It’s been a long belief that yelling, screaming, and sometimes hitting actually do something to make a computer work better. I’m in the belief that the more you know about computers the more true you find the previous sentence. Most people just think that you are nuts or crazy, however watching the video you can now see there is an effect. For those wondering though, if you didn’t save your document and your whole computer crashes, no amount of screaming or brutal violence against the computer is going to bring the information back.