Lewis' Blog Tales from the trenches of information technology

18Sep/120

Adjusting the Lightword theme for WordPress

I got a report today from a long time friend and colleague about some difficulty he was having with my blog. It seems that his view of the pages were lacking the date "tabs" to the left of the content column. He quickly confirmed that when I sent him a snippet of a screenshot (quick shout out to M. Evans, the author of Abduction!, which is an absolutely fantastic tool for capturing all or portions of browser content).

12Dec/110

Egad! Why do people do their own web development?

WordPress 3.3 is now GA. Knowing better than to blindly upgrade without at least having a look at what may be not quite ready for prime time (though WP is quite good about reasonable beta cycles and such), I happened over to the WP fora to see what reports had been made (yes, I should have gone to the bugtracker, but I like to get a view from "on the ground," so to speak).

11Nov/112

Three good ways to thwart tracking attempts on the net

There is a lot of malicious junk floating about the net.I know; that's not a real surprise. Under normal circumstances, a good (standalone) firewall will keep one reasonably safe from the worst of it. However for those of us who travel, it's a constant challenge to keep up with personal firewall tweaking and such, and still, unless one is really running the kinds of stuff typically found in a UTM (Unified Threat Management) solution, just tweaking some firewall rules just isn't going to cut it.

[Shameless plug: Rosenthal & Rosenthal is an Astaro consultancy. If you know of anyone with a need for a truly solid firewall, email filter/scanner, VPN concentrator, etc., referrals are welcome.]

So, what can one do while traveling? Trust the hotel firewall? I think not. Here are three quick tips to help keep your system clean from would-be spoofers and such:

HOSTS file

A quick edit of your hosts file to loop back known bad sites to localhost (127.0.0.1) is a good start. To get started, have a look at the list compiled here. This will make some web pages look rather ugly, as the browser brings up the dreaded "cannot access..." in various iFrames and such, but it will speed browsing and keep that excess junk from cluttering the screen.

Squid proxy settings

Squid is great. You can do a lot of things with Squid, such as block entire IP ranges from getting in (or going out to them), which improves performance considerably. I'll post more on Squid configuration in a later article. For now, suffice it to say that Squid can be used as a pseudo-firewall (you just have to not defeat it by turning it off, but this is true of software firewalls, as well).

Privoxy

Another type of proxy is a privacy screen. Enter Privoxy to the scene. One of the annoying characteristics of most web surfing from modern browsers (and ancient ones) is that we tend to leave behind more than we take with us. To truly surf anonymously requires some type of anonymizer, and Privoxy is a good choice (this way, your travels don't follow you home, when you finally do get behind your warm and cozy hardware firewall). A couple interesting guides for chaining Squid to Privoxy (or vice-versa) may be found here and here. Again, I'll post more on this in a subsequent piece, but for now, suffice it to say that this is an excellent addition to your arsenal.

These are but three fairly quick and simple (well, they can be less complicated than others, at least) ways to browse more safely, and are of particular usefulness when away from home (or the office), where the bastion server is unknown and likely not to be trusted. In time, I'll flesh in more details and tips for configuring each of these solutioins.

Happy browsing.

1Dec/100

The Browser Wars Continue…

An interesting (if inaccurate) read over at USA Today...

The author makes the (by now familiar) statement, "A decade ago, the Web browser market was a two-horse race between Microsoft's Internet Explorer (MSFT) and Netscape Communications' Navigator. (We all know who won.)" We do? Let's see if we can put some perspective on that concept...

Setting aside the innovation by Netscape Communications (the folks who brought us SSL, for example), and taking only the browser product (Netscape Navigator) and its progeny into account, there is a long line of succession and it is clear (to me, at least) that not only are the browser wars not over (by a longshot), but that just as in covert warfare, it is often difficult to tell who is really winning the overarching conflict.

Wikipedia has a fairly complete history of Mosaic and Netscape, and the companies which produced those products. I will not spend the time reiterating all of that information here, except to say that while there are a mere handful of browsers based on IE code, I can think of no less than twenty open source and commercial browser and browser-related offerings which are based on the Gecko rendering engine (the underlying engine in all Mozilla-based browsers).

Don't be misled concerning the reports of IE usage vs other browsers, either. Considering that IE is an integral component of the Windows desktop, and that every time the Windows OS accesses the net for updates, registration, and such, it utilizes the IE engine, it is simply not possible to tell how many of those people actually use Mozilla-based browsers for their real-time browsing, considering the number of Windows-based systems in use as compared to other desktop operating systems (and this, too, is likely to change over time).

So, as with all of these statistical reports, take the author's conclusions with a grain of salt. I am posting this from:

Mozilla/5.0 (OS/2; U; Warp 4.5; en-US; rv:1.9.1.15) Gecko/20101110 Lightning/1.0b2 Mnenhy/0.8.3 SeaMonkey/2.0.10

which is built 100% on Mozilla code.

PS - One other comment form the article referenced above, and one with which I wholeheartedly agree:

Several financial institutions don't work well with Chrome or Firefox, forcing their online banking customers to use older, less secure versions of IE.

LOL...