Tag Archive: HTML

Tories Reveal Authoritarian Roots While Liberals Check Their Shoelaces

None are more hopelessly enslaved than those who falsely believe they are free.Johann Wolfgang von Goethe

Yet again I’m forced to side with the grinning David Davis.  This doesn’t happen often and is embarrassing to admit!.

ConDem Coalition Pledges Broken!

ConDem Coalition Pledges Broken!

It’s all about the government plans to allow full-scale unauthorised real-time monitoring of every person in the UK’s internet activity!  It’s so 1984.

“It was a bright cold day in April, and the clocks were striking thirteen” – (George Orwell: Nineteen Eighty-Four
.

Orwell must be turning in his grave in despair that what he predicted as a warning about what not to do, now looks like coming to fruition.

Remarkably, since wangling themselves into government, the conservative-libdem coalition government is now actually dropping a key part of their manifesto which they laboriously agreed two years ago.  This can still be found on the government website, page 11 to be exact (pdf) .  Here’s what they said:

  • The Government believes that the British state has become too authoritarian…. We need to restore the rights of individuals in the face of encroaching state power – FAIL
  • …reverse the substantial erosion of civil liberties and roll back state intrusion – FAIL
  • … introduce safeguards against the misuse of anti-terrorism legislation – FAIL
  • …end the storage of internet and email records without good reason – FAIL
  • …a British Bill of Rights that … protects and extends British liberties – FAIL

(Actually, the whole Con-Dem pledge list makes good reading to see just how far removed from it our evil diktat of quangos has become.)

So what to do – use TOR.

ID Cards

Johann Wolfgang Goethe

Johann Wolfgang Goethe (Photo credit: andreasmarx)

Not so long ago I was haranguing the former Labour government about their plans for ID Cards, their laws over CCTV and photographing in public places, the reduction  in privacy for individuals and the removal of our civil rights over detention without trial, due cause and 3rd party notification for first 90 days and them 42 days.

I left the Labour Party because of it and have not rejoined.

Huge Vocal Resentment Against UK Government Secret Citizen Monitoring Plans.

try the Tor browser bundle

The new news (I thought it was an April Fool joke initially!) is that Email and web use is ‘to be monitored’ under new laws proposed by this nasty, nasty government.  Happily, there is now a huge and vociferous resentment against this from the general public who can see this evil act for what it is.  Top among them is David Davis!  See this link and the thousands of comments for instance; Backlash over email and web monitoring plan.

Clueless

LONDON, UNITED KINGDOM - JUNE 14

Now, the tories and their liberal stooges have been shown to be both serially evil in their pronouncements and plans, and also serially incompetent of managing almost anything.

Their pathetic management of a minor industrial dispute (the fuel shortage) which did nothing except invoke almost universal resentment of the coalition and reawaken a general awareness of their ineffectiveness comes on top of stripping the very foundations away from one of UK society’s greatest inventions of the Industrial Age, our National Health Service (NHS).

United Kingdom

Top this behavioural abomination with that of the revolving door policy between banking and politics which they continue to promote with zero penalties for failure while the population-at-large have to prop up the whole system with their taxes means only two things to me.

  1. The government must do something desperate to have any hope of re-election in 3 years – this means either war (patriotism is the last refuge of a scoundrel) or economic boom-and-bust gambling.
  2. They will do something desperate to have any hope of re-election in 3 years – this means either war (patriotism is the last refuge of a scoundrel) or economic boom-and-bust gambling.

Astute folk will see this as my prediction for government actions over the next 3 years.

Tories: Keep Friends Happy

Meanwhile, hundreds of extra Tory donors will soon be available to bankroll the “all is good” story.  They will arrive as beneficiaries of the windfall provided as the “former NHS” contracts are handed out to friends, much like Michael Ashcroft benefited from the first round of NHS privatisation during the Thatcher era.  This article on Powerbase and this one (sourced from a now defunct article in The Scotsman) show quite clearly that 1/3 of cleaning contracts went to Ashcroft’s businesses during this time, saying;

MICHAEL Ashcroft, (…) bankrolled an “independent” publicity campaign that allowed his multi-million-pound contract cleaning empire to prosper and led to a change in the law. The campaign was run from the London office of the former Conservative Scottish secretary, Michael Forsyth. A spokesman for Mr Ashcroft confirmed last night that he had contributed to the Public and Local Service Efficiency Campaign (PULSE), which was set up in 1985 to persuade the public sector to contract out services such as cleaning and catering. The campaign had been disbanded by the end of the 1980s after the Conservative government passed the 1988 Local Government Act .  Mr Ashcroft’s Hawley Services Group, a contract cleaning firm later known as ADT, flourished under the new regime, with ADT, winning a third of NHS contracts between 1983 and 1988.

For further information into the depths that the Tories will go to enable all public money to be fed straight to their business friends, see this article which pulls apart the dealings of Ashcroft, discredited Dame Shirley Porter, NIMBY Nicholas Ridley, Chris Chope (the dog turd of Christchurch) and current (dodgy expenses, remember) minister Eric Pickles.

THE PICKLES PAPERS

By Tony Grogan
First published by 1 IN 12 PUBLICATIONS 1989
21 – 23 Albion St. Bradford 1.
Copyright 1 IN 12 Publications 1989
ISBN 0 948994 04 5

Once read, apply the same logic to our dear NHS, and weep again.  The same modus operandi is being used;

  1. discredit the current, imply alternatives are better;
  2. farm out internal monies to external Tory benefactors.

It’s just more sleaze just like under Thatcher before, backed up with warlike rhetoric.  Remember, only 10 days ago we had the news of billionaire Tory donors at Cameron’s dinner table, and Cameron trying to defend the cash-for-access news that made Labour’s cash-for-questions scandal appear like a sweetshop-ish wheeze in comparison.  See 

Tory Party chairman Lord Feldman was one of the key figures in the ‘cash for access’ scandal which erupted after Tory party treasurer Peter Cruddas was caught offering a private dinner with David Cameron to undercover reporters who posed as wealthy party donors.  Read more: http://www.dailymail.co.uk/debate/article-2123692/Tory-cash-access-row-David-Cameron-crony-pal-cash-questions.html

as well.

Enhanced by Zemanta

Related Posts:

WordPress Permalinks Generated But Not Redirected

Introduction

Appalled

Appalled

I’ve had a few site problems whereby my host Site 5, said I was using too many resources and crashing their systems.  Naturally, I was appalled.  I traced this to a variety of plugins plus some errors in php files which must have arrived either during the periodic updates or during editing.  These were errors whereby extra text (either blank space or a carriage return to be precise) were added to the end of the php file, which usually makes it fail.  This a is a Google search on the main error I received,

Warning: Cannot modify header information – headers already sent …  (  This is then followed by error details; usually error on line xx, repeated several times for a variety of xx)

After battling for some time, I just gave up, exported my database key tables (things like posts, comments, etc but omitting plugin inserted tables and the very large options table which I deemed to be very bloated after over five years of continuous WordPress operation…!) and re-installed WordPress as a fresh installation on my server.

Weird Permalink Problem Following Clean Install of WordPress

This is where the weird problem arose….

SP Permalink Settings

SP Permalink Settings

When one installs WordPress for the first time, permalinks are set to the default – so this current post would be:

 http://strangelyperfect.tv/?p=11622

For SEO reasons and for many years I’ve used the format shown in the screenshot from my site shown left.  This current post will thus appear as:

http://strangelyperfect.tv/11622/wordpress-permalinks-generated-but-not-redirected

It’s a “Custom Structure” and the .htaccess file is updated automatically by WordPress when you set it.  You’ll see it’s set to:

/%post_id%/%postname%/

Now, on firing up a post, say this one,

http://strangelyperfect.tv/11428/victory-or-is-it-victory-jesse-willms-surrenders-all-to-ftc-onslaught/ ,

the actual web address I was taken to was:

http://strangelyperfect.tv/%post_id%/victory-or-is-it-victory-jesse-willms-surrenders-all-to-ftc-onslaught/  (error shown in bold)

…which redirected to the homepage of the site, http://strangelyperfect.tv/   This was not what I was expecting!  So I played with the slashes, went back to original simple permalink structure, tried some of the suggested structures – and they all worked!

A custom structure of /%postname%/ worked as well, but not the one I wanted and have used for years.

Weird.   So naturally, I tried Google.

Permalink Redirection Problem Solved.

There’s a lot on the web about this.  Most is about getting .htaccess right with permissions and the code.  But mine was okay, as were all the other suggestions to try.

A real key to resolving my problem was here, Custom Permalinks Generated But Not Redirected in the WordPress forums.  Specifically, it comes from the user, James, a Happiness Engineer!

He suggested adding index.php between the domain name and permalink structure.  So my custom structure changed to:

index.php/%post_id%/%postname%/

WordPress added a leading slash on the save and the website worked!  WAHAY!

However, the best is yet to come….

I thought that the URL was now not pretty, in fact, it was pretty ugly.  The URLs were now being shown like:

http://strangelyperfect.tv/11428/victory-or-is-it-victory-jesse-willms-surrenders-all-to-ftc-onslaught/

So I removed the index.php and reset the custom structure to what I wanted – /%post_id%/%postname%/

It worked!  WAHAY!  All posts’ URLs redirecting  how I wanted!

Conclusion

I’ve no idea, actually.  I’m suspecting some caching, somewhere down the great inter-tubes in the sky, but apart from that…………..?

  • Was it my server?  Dunno.
  • Was it DNS caching?  Dunno.
  • Was it ISP caching? Dunno

All I know is that it’s working now, and the Happiness Engineer’s suggestion sent me on my way, happy.


Postscript – added 22/11/2015

My permalinks in 2015

My permalinks in 2015

Since this time, I have not had to use the index.php fix, and the permalinks are all working correctly.  The flip-flip of adding and removing the fix….just seemed to work!

NoIdeaDeer


 

Enhanced by Zemanta

Related Posts:

Try Firefox, Nightly, 64 bit

Testing Firefox 64-bit Right Now!

Actually, I tried the 64 bit installs of Firefox and Internet Explorer soon after I installed this Windows 7 64 bit Operating System.  They were both pants and summarily removed from my hard drives and I haven’t revisited for over 2 years….

Firefox Nightly

Firefox Nightly

But now things seem on the up.

64-bit is now mainstream with a large 64-bit user base and fewer and fewer 32-bit applications seeing regular usage against the 64-bit versions.  This is Firefox’s “about” info (above) from this browser.  It’s called “Nightly”, and actually (whispers to one side), it’s very good…!!!   Miles better than before, which made the machine crash….

It’s….

  • Faster
  • Worked first time
  • Installed okay.
  • Needed Flash plugins which were directly available, and work!
  • Worked okay with all my current plugins – Web Developer, Flagfox, Quirk SearchStatus and the rest.  Amazing.  They all worked!
  • Got it’s own icon
  • Installs into it’s own folder separate to Firefox
  • Carries over all Firefox settings & shortcuts.
  • Carries over all Firefox add-ons & plugins, if they work.
  • only needed a new Flash install to get it working the way it was on 32-bit

So now I’m going to try 64-bit browsing as a real test.

Extra Information

Download Links
32 v 64
  • You need a 64-bit Operating System as well as a 64-bit processor to run 64-bit applications.
  • 32-bit Windows running on a 64-bit AMD processor (for example), won’t work.

 

Related Posts:

Hacked – I was a possible Malware Site for tructuyenso.vn!

Introduction

A few days ago I got hacked.  I quickly ripped out a heap of dodgy files left by the hackers but for some days now, Firefox, my browser, while viewing pages on this website, has been saying that it’s “downloading data from tructuyenso.vn… “.

.htaccess

This, of course, was not actually happening, as I’ve put the blockers on the whole of Vietnam using .htaccess!  The reason for this is that initially, tructuyenso wasn’t the only site appearing in the progress tip – there was another which lasted until I got rid of the various files dumped on my website.  This is how:

<Limit GET POST>
order allow,deny
deny from 112.0.0.0/8
allow from all
</Limit>

However, the call was still being made from somewhere on my site as the progress indicator wouldn’t stop….

Site5 Search

A search for the string “tructuyenso.vn” turned up nothing in the files on my website using my website host’s file manager.  (In the end, this was my failing and I will not rely on the thing again!)

A search through my database also turned up zero.

TCPView

TCPView is a download from Sysinternals.com  (now Microsoft!) that shows the various net connections being made to one’s PC from everywhere.  This immediately showed that as soon as the main strangelyperfect.tv website (not the backend WordPress admin area), fired up in Firefox, as many as 7 connections were simultaneously made to 112.78.15.230……  This is the IP address that holds tructuyenso.vn, plus 11 other domains, some of which I’d seen flash through the progress bar.

Even when closed by TCPView, the connections would immediately start up again to the same IP address, 112.78.15.230  (manually closing strangelyperfect.tv stopped the connections).

Reverse IP on tructuyenso.vn

Reverse IP on tructuyenso.vn

YouGetSignal.com shows the domains up nicely in the screenshot above..

Result!

Finding nowt anywhere and Google searches providing zilch on the website in question except in Vietnamese, I turned to the WordPress Codex, specifically, https://codex.wordpress.org/FAQ_My_site_was_hacked

I had of course previously changed my FTP, mySQL databaase and site management passwords, but the link at the bottom to a Website malware & blacklist scan (Sucuri) was the killer!  On visiting Sucuri, it instantly said that I was acting as a host for malware and gave the offending results, for free! (Of course, I wasn’t hosting malware – just that it gave an indication that I was and hence the slowness of the site to load as it tried and failed to download shite my way from Vietnam)

This is their take on it: http://sucuri.net/malware/malware-entry-mwiframehd202

Final Cause and Clean Up

Checking the source code for my homepage (which in retrospect I should have done first!!) threw up “tructuyenso.vn” right at the very bottom.  This is the code as it was when I checked:

<a href="http://tructuyenso.vn" title="Quang cao truc tuyen | Ban hang truc tuyen | Dien dan quang cao truc tuyen" > Quang cao truc tuyen</a>
<iframe marginWidth="0" marginHeight="0" frameBorder="0" width="0" height="0" bottommargin="0" rightmargin="0" leftmargin="0" topmargin="0" nosize scrolling="no" src="http://tructuyenso.vn/"></iframe>
</body>
</html>

This was then easily traced to the footer.php file in my theme, Suffusion.

It was simply stripped out and the website then worked fine…..  but to be sure, I have downloaded then checked the footer file in a fresh theme download to be sure – it’s clean!  I then uploaded a whole clean Suffusion theme in it’s entirety just in case any other theme files were compromised during the original hack yet were dormant, waiting for a trigger.

A recheck on Securi shows my website to be okay now.  See screendump below.   I’ll be using Securi  a lot more!

Securi Site Check

Securi Site Check

Related Posts:

Comments are closed

Turkish Hacker-Crackers, perhaps?

A Cracking Week Off?

I had a week’s holiday of sorts last week.  On returning I found that this website had been cracked. (I already had intimations that something was wrong because of site stat failures and an email from @Justin Asking, sometime commenter to this website and others).  Anyway, so it was.  Unfortunately, I didn’t have good web access so was unable to correct things properly.

The main screen, viewable on zone-h here, was replaced by this,

Site Hack Aug 2011

Site Hack Aug 2011

A neat little JavaScript mouse trailer was part of the package!

The cause was my own – a wide-open directory made so as part of an image upload plugin for my WordPress installation.  This plugin makes it easy and neat for any commenter to add material to the website……unfortunately for me, it allowed any file, with active content or not, to be uploaded.

Needless to say, the plugin is now disabled and the directory is locked down to the specific  file types that I’ll accept.  No more active content allowed there matey!

Unwanted Extras

Once the nasty files were uploaded, the internal site privileges allowed the install of a swathe of .htm files to the site root and uploads folder.  These had various names like f.htm, g.htm etc.  Index.htm was the file on show.

Alongside these, apart from files needed to run the previously mentioned JavaScript, were another swathe of .phtml files, such as joker.phtml, which are actually php code shining as html.  A couple of plain text files had also been uploaded.  These had lists of files, sites and persons.

All .htaccess files were okay as well as the WordPress installation files.  To be sure, I redid the WordPress install from scratch with fresh downloaded files..

Finale

All told, about fifty files were dumped on my website.  I’ve hopefully removed the lot and have them downloaded for analysis at a later date.  The screen content and internal code all points to Turkish or S.E. Asian (Vietnam or Indonesia) Muslim crackers (I refuse to use the hacker term except to clarify the cracking of security by it’s now-common usage).  Saying this, the culprits (the code points to several authors who used freely downloadable files from cracking websites and then proudly expected a pat on the back for their extreme skill at doing a download…like….der….), the culprits could have come from anywhere.

Fifth columnists and agent-provocateurs are nothing new.

Interestingly, being cracked puts me in the same company as at least 186 well-known multinational businesses, such as Acer, Vodaphone, BetFair, The Daily Telegraph, The Register, Spam.Org, Victoria Beckham and Destiny’s Child.

Even System of a Down dot com, was down!

Zone-h’s full list is here.  The Register reports it here, The Guardian here.

The Guardian interview with the crackers notes that the culprits had been planning the attack for some time which obviously includes the time when my site was compromised.  I don’t know if my website was actually used as part of the above DNS server attack but it’s usual for an attack like a DDOS to use several vectors and simultaneous attack points in order to force a server to fail and dump code.  This dump then reveals passwords and the like for later use.

Addendum

WordPress.Org’s forum has a posting about this crack from last week.  A Google search in the comment by RedNeckTexan shows the attack on this website to be far from unique….!   The links I’ve followed go right to the heart of the crack and the people doing the cracking.

This is the Google Search on the “Easy Comment Uploader” plugin.  Like me, RedNeckTexan has pulled the plugin for now, which can be found in the WordPress repository here.

Related Posts:

Comments are closed

© 2007-2017 Strangely Perfect All Rights Reserved -- Copyright notice by me