Lewis' Blog Tales from the trenches of information technology

28Sep/143

Updating bash to patch Shellshock on discontinued CentOS 4.8

By now, this week's news of the Shellshock vulnerability has quieted to a bit of a rumble. What a mess, and to think that this exploit has been possible for such a long time...

What to do about old Linux distros, then? Yes, the rule of thumb is that if the distro is no longer widely supported, one should move off of it, or at least put it behind something more secure. But what if there is a single application which requires just that particular old distro, and will not play nicely with anything newer, and what if that particular app is proprietary, and no longer available?

9Aug/140

Google’s HTTPS Everywhere initiative: not so fast…

It seems that Google has a new factor to consider for web rankings: HTTPS.

I understand the allure of encryption. Heck, I use StartPage as my search site, and all of my searches go over HTTPS. The problem is that HTTPS is expensive.

16Feb/140

Conditional menus for WordPress with the Suffusion theme and mega menus

The Rosenthal & Rosenthal site is undergoing a major revamp, moving from a static, all-Flash (yech) accumulation of static pages and compiled Flash objects to WordPress 3.8.1.

In addition to rebuilding on a stable platform, the redesign plan involves a number of new features, some of which I'll document here on my personal blog to try to contribute to the community 1.

  1. I truly dislike the phrase "give back," as I've not taken anything; I do, however, contribute, as I can.
9Nov/130

Gravatar Privacy Issues

Most of my regular readers know how paranoid I am about my own privacy. I use throw away email addresses for many things, because I know that nothing comes for free (TANSTAAFL), and whenever anyone offers me something for "free" if I only provide my email address, I have a pretty good idea what's to become of it.

21Jul/130

Scammers target travelers using hotel Wi-Fi | Fox News Video

I'm not embedding the video stream here, only because I have not requested permission from Fox. Clicking through the link below will take you to the 2-minute piece, however:

Scammers target travelers using hotel Wi-Fi | Fox News Video

I have a couple issues with the segment, which caught my eye a few minutes ago:

6Jun/130

Why should CPAs care about the cloud? Let’s count the ways

Why should CPAs care about the cloud? Let's count the ways.

Egad... Drinking the Kool-Aid? Who are these people in this blog post, anyway, and what on Earth do they know of data security?

25Mar/130

Knowing when to say farewell to a client

I recently had the distasteful experience of having to tell a long-time client to find someone else to handle his IT consulting. We had (I thought) become friends over the years, though recently, tensions surrounding some server trouble over here (I hosted his email) led to difficulties in our relationship.

11Nov/120

BetterPrivacy Mod for SeaMonkey

BetterPrivacyNettiCat has graciously granted me permission to modify (slightly) his BetterPrivacy extension to allow for installation and use under SeaMonkey. The current version (1.68.m, as of the date of this post) should install under SeaMonkey 2.0a1 and above.

For those not familiar with this extension, it goes beyond the built-in sanitizing functionality of Firefox and SeaMonkey to include clearing the Flash cookies, which may be stored for an otherwise indefinite period of time. For more on the actual feature set of BetterPrivacy, I would suggest reading the information available on the official home.

11Sep/121

Fallout from GoDaddy’s recent DDoS experience

First, my heartfelt condolences to everyone who was impacted personally or financially by yesterday's DDoS attack against GoDaddy. That includes customers and employees, and as an admin, I know firsthand what it's like when the systems grind to a halt under one of these things, when all that's left is simply to put something else on the front line to check for traffic and wait it out (or request new address blocks all the way around). This, of course, does not take place in a vacuum: when these things hit, we are always surrounded by The Suits who have no clue as to why we can't do anything more (or faster), constantly complaining of our inadequacies (we should have known better; we should have predicted; we should have been better prepared; etc.).

15Apr/120

Why I still use OS/2 (eComStation)

As a consultant, I look at computers and operating systems from a "best tool for the job" perspective. Some systems are better suited to some things than others. I wouldn't expect to play modern computer games, written for Win32 or Win64 on Linux or OS/2, no matter how far advanced Wine or Odin was/were. Likewise, I wouldn't consider running a web server on the Win32 or Win64 platform vs Linux or OS/2.

Along with other suitability considerations, I factor in my own (or the client's own) comfortability factor with a particular environment. The Mac object oriented desktop is quite nice, though it's not my environment of choice. On Linux, I prefer KDE to Gnome, but neither of those nor the Mac desktop nor Windows Explorer approaches the level of comfort, familiarity, or ease-of-use which I experience using the Workplace Shell, which is - for me, at least - the main reason I stick with eCS.

Stability concerns? These affect all platforms at one time or another. Unless the problems are inherent to the overall system design (Windows' weak security model and the dangers of the single registry paradigm), such things need to be considered in the course of business. that is to say, they happen. Cars break down, too, but I'm not quite ready to go back to a horse and cart (and carts break - ever change a wagon wheel?).