Open Source Quote of the day

Found in a discussion forum I belong to debating the merits of developing software (for profit) for a device that runs Linux as its OS vs. one that is proprietary and the roadblocks therein.

Back in the real world, people are incredibly cheap, and they will suffer the most miserable piece of junk as long as it’s free. Often the _only_ real ‘feature’ of OSS is that it’s free. OpenOffice versus MS Office? Linux versus XP? GIMP versus Photoshop? Puh-lease. If any of those had a price tag they would have been stillborn. -TC


Some Good Advice

You Had Me At EHLO:

If you have access to Exchange 12 CTP build or even are a part of the Exchange 12 Beta program, DO NOT install Exchange 12 into your production environment. Exchange 12 will extend your Active Directory schema and it will change permissioning on Exchange organization and other objects which, in this early stage, might cause interoperability issues.

Somehow it hadn’t occurred to me to replace our solid and stable production Exchange 2003, which our business wouldn’t run without, with a Microsoft beta of Exchange 12.

Thanks guys, I’ll take that under advisement. It’s scary to think that someone out there actually needs this advice.

Need flowers and grave decorations for that special dead person?

Check out Memorial Silks.com

They have everything you can imagine for lasting flower arrangements and stuff to spruce up a grave site.

My personal favorite is the solar lighted stuff… available here.

Now where is the solar powered lighted Harley?

I don’t mean to make light of dead people ’cause, well, we are all going to be one eventually.

But Solar Powered grave decorations, now that is a use of technology right there. :)


CA Antivirus vs. Holy Water.

I have never been a big fan of CA’s products.

I was on the phone today with one of our vendors.

I nearly fell out of my chair when they quoted their security specialist, who said: “Protecting your computer with CA Antivirus? You’re better off splashing holy water on your PC”. Best part is they are a big CA vendor too.

I knew Trend was better. Holy Water and PCs just don’t mix.

:D


The Spider of Doom [Daily WTF]

Very nice.  Nice indeed.

The Spider of Doom
or
How Google ate my Website

Josh Breckman worked for a company that landed a contract to develop a content management system for a fairly large government website. Much of the project involved developing a content management system so that employees would be able to build and maintain the ever-changing content for their site.

Because they already had an existing website with a lot of content, the customer wanted to take the opportunity to reorganize and upload all the content into the new site before it went live. As you might imagine, this was a fairly time consuming process. But after a few months, they had finally put all the content into the system and opened it up to the Internet.

Things went pretty well for a few days after going live. But, on day six, things went not-so-well: all of the content on the website had completely vanished and all pages led to the default “please enter content” page. Whoops.

Josh was called in to investigate and noticed that one particularly troublesome external IP had gone in and deleted *all* of the content on the system. The IP didn’t belong to some overseas hacker bent on destroying helpful government information. It resolved to googlebot.com, Google’s very own web crawling spider. Whoops.

After quite a bit of research (and scrambling around to find a non-corrupt backup), Josh found the problem. A user copied and pasted some content from one page to another, including an “edit” hyperlink to edit the content on the page. Normally, this wouldn’t be an issue, since an outside user would need to enter a name and password. But, the CMS authentication subsystem didn’t take into account the sophisticated hacking techniques of Google’s spider. Whoops.

As it turns out, Google’s spider doesn’t use cookies, which means that it can easily bypass a check for the “isLoggedOn” cookie to be “false”. It also doesn’t pay attention to Javascript, which would normally prompt and redirect users who are not logged on. It does, however, follow every hyperlink on every page it finds, including those with “Delete Page” in the title. Whoops.

After all was said and done, Josh was able to restore a fairly older version of the site from backups. He brought up the root cause — that security could be beaten by disabling cookies and javascript — but management didn’t quite see what was wrong with that. Instead, they told the client to NEVER copy paste content from other pages.

Originally Posted Here on The Daily WTF
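
The root cause in the story, modelled as an added example (this is not code from the Daily WTF post or from the CMS it describes; the handler names, URL layout and session store are assumptions). It runs a cookie-less, link-following client against a check that only denies when isLoggedOn is "false", and against one that fails closed and refuses state changes over GET.

```python
from urllib.parse import urlsplit, parse_qs

# Constructed server-side session store; the session id is a made-up sample value.
SESSIONS = {"sample-session-id": "editor"}

def vulnerable_delete(method, cookies, pages, page):
    """Check as the story describes it: deny only if the client-supplied
    isLoggedOn cookie is "false". A client sending no cookie passes."""
    if cookies.get("isLoggedOn") == "false":
        return 302                      # redirect to the login page
    pages.pop(page, None)               # reached by any cookie-less GET
    return 200

def hardened_delete(method, cookies, pages, page):
    """Fail closed: state changes need POST and a session the server knows."""
    if method != "POST":
        return 405                      # following a link can never delete
    if SESSIONS.get(cookies.get("session_id")) is None:
        return 401                      # missing or unknown session is denied
    pages.pop(page, None)
    return 200

def crawl(handler, links, pages):
    """Model of a crawler: no cookies, no JavaScript, GETs every hyperlink."""
    statuses = []
    for href in links:
        page = parse_qs(urlsplit(href).query)["page"][0]
        statuses.append(handler("GET", {}, pages, page))
    return statuses

def demo():
    """Run the same crawl against both handlers; return statuses and survivors."""
    links = ["/delete?page=home", "/delete?page=contact", "/delete?page=faq"]
    out = {}
    for name, handler in (("vulnerable", vulnerable_delete),
                          ("hardened", hardened_delete)):
        pages = {"home": "Welcome", "contact": "Call us", "faq": "Answers"}
        out[name] = (crawl(handler, links, pages), sorted(pages))
    return out

if __name__ == "__main__":
    for name, (statuses, remaining) in demo().items():
        print(name, statuses, "pages left:", remaining)
```
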

mod_rewrite madness

This shouldn’t be that hard but I want to configure our wikipedia server so that when I type in http://wiki, the server redirects me to http://servername.company.com/wiki.

mod_rewrite can do this but if you are unfamiliar with the terminology it looks like alien hieroglyphics.

Hence somebody wrote this up, which is coming in handy. If you’re going to have a language that is completely obtuse, at least it’s nice to have it documented.