Archive for the 'The Web' Category

Is Digg.com on the way down? I personally find myself visiting the site less and less, turning instead to Slashdot and Gizmodo for my news and entertainment. When I do visit Digg, there’s little that I find appealing enough to digg. In fact, looking at my profile, I find that the last story I dugg was on December 12, quite some time ago. The majority of stories seem to be very uninteresting, or (more likely) stories that are already covered on other websites.

Even the Diggnation podcast seems to be degrading in quality. The show used to be solidly funny, but I find myself laughing only a few times per episode these days. I’d much rather have the higher grade content as found in The Totally Rad Show. Neither Alex nor Kevin seem to put as much effort into Diggnation as they once did, which isn’t too surprising. Like the saying goes, ‘All good things must come to an end.’

Several short thoughts for today:

The Java Popup you Can’t Stop

A story over at Slashdot discusses a newly discovered means of bypassing popup blockers using Java. There are two proofs of concept available: an applet based version and a JavaScript version. The applet concept works in any browser, while the JavaScript concept works only in Opera and Gecko-based browsers. I couldn’t get the JavaScript version to work for me, but the applet concept works surprisingly well. Pretty scary!

Bridge Collapse Alters Amazon Rankings

I noticed just the other night that the list of bestselling automotive items at Amazon.com yields some surprising results: 4 out of the top 5 selling items are “life hammers” designed to help you break out of your car as you sink into the water. The bridge collapse in Minneapolis is no doubt the cause of this interesting shift in the top selling list.

Michael Vick Dog Chew Toy

This is so great. Payback’s a bitch! Thanks dad!

Barry Bonds is a Big, Dumb, Moron

Title says it all.

Can anyone recommend to me a secure (i.e., spam-resistant) contact form? I use the NMS FormMail script over at Born Geek, but spam is starting to pour through it. A replacement would be great, so any recommendations would be appreciated.

I’ve been out of town, so I know that this story is a few days old, but I really dig the new look at CNN.com. It’s clean, sleek, and takes up much more screen real estate. The HTML doesn’t validate, nor does the CSS, but I still think this is a step in the right direction.

Jeffrey Zeldman has written an intriguing article on why “maybe” is one option too many. He compares the usage of “maybe” in questionnaires to five-star rating systems, exposing a point I had never thought of. As always, it’s a well written article that makes you think. Zeldman FTW.

Nearly a week ago, a malicious person or group of persons hacked into DreamHost, the company I use to host both Born Geek and this site. The passwords for over 3,500 FTP accounts were compromised, and some customers found unauthorized changes to files or directories. My account was among those that got hacked, and the experience has made me a better computer user.

Having a password stolen is frightening enough, but my situation was nearly a worst case scenario. When I originally set up my user account with DreamHost, I naturally provided the password to be used with that account. This user account granted me access to the DreamHost web panel, FTP uploads, and access to the web server’s shell (via either telnet or ssh). When I later set up an email account, I chose to use this same account out of sheer convenience. I made a likewise decision for access to my web server logs. So, in short, one username and password provided me access to five areas:

1. The DreamHost Web Panel
2. My web storage (via FTP)
3. My web server home directory (via telnet or ssh)
4. My primary email address
5. My server logs

Do you see the problem here?

As soon as I got the email that my FTP password had been compromised, I realized how slack I had been about security and panicked. Thankfully, none of my files or databases were corrupted (though I’m still taking a look through everything). I have since changed all of my passwords, and they now all differ from one another, something I should have done from day one.

I try to be as security conscious as possible, but I really dropped the ball in this area, mostly for convenience’s sake. This is the first time I have been ‘hacked’ like this, and I’m actually glad it happened. The experience has motivated me to be more secure in my password handling.

Lots of people are jumping ship as a result of this, but doing so seems premature to me. The folks at DreamHost are being open and honest about the problem, and I really appreciate that. Any company that steps up and says “we made a mistake and we’re trying to prevent it from happening again” is worth sticking with. At the very least, I’ve learned a much needed lesson.

Update: I forgot to mention that other web hosts were also hit by this attack (according to this post), so it wasn’t solely a DreamHost issue.

I have fixed a bug in the navigation links in MonkeyAlbum here at the site. Some of the links used to navigate photo albums with multiple pages were pointing to the wrong location. If you happen to spot any other problems, please let me know.

A new photo album (possibly my best one yet) will be posted within the next day or two, so stay tuned.