О плагиате в блогосфере

Плагиат – одна из штуковин, которыми про-блоггеры пугают начинающих веб-журналистов.

Признаться, было неприятно, попав на страничку, увидеть в самом верху, в качестве основной темы, мой собственный текст (пост о телефонном коде Украины), воспроизведённый точь-в-точь.

Continue reading

WordPress passwords, password reset – insecure key length

You’ve probably already noticed how the default WordPress passwords (those generated during install for the admin user) are too short. So you did change yours right after the installation, didn’t you?

Now bad news.

As the system security is always only as good as its weakest link, your well chosen long WordPress password (or was it passphrase?) is no better than the default one.

Apparently it only takes guessing a 32-bit key and an email address for the user in question – secret components of the reset link for WP – to reset a WordPress password into another 32-bit key, the length of the passwords generated by WordPress.

Of course 32 bits isn’t too bad, that’ll take 136 years to try by brute-force all the key space assuming 1 second per try (which is not unreasonable in the web realm). But anyway wouldn’t it be just a little bit more soothing to have all those keys/passwords say 64 bit long?

17-летняя веб-дизайнерша сделала сайт на миллион $$

Ashley QuallsТри года назад Ashley Qualls попросила у мамы $8 на регистрацию домена Whateverlife.com для своего хобби – создание и раздавание одноклассницам макетов дизайна для MySpace. Как оказалось, это была первая (и единственная) инвестиция в её веб-бизнес, который сейчас приносит $70,000 в месяц и уже заработано более миллиона долларов.

Continue reading

Ещё пример корпоративного блога: Cisco

В дополнение к статье “Корпоративные блоги – будущее PR” – приведу ещё один пример, как стоит вести корпоративный блог: blogs.cisco.com.

Обратите внимание на комментарий, в котором читатель блога резонно критикует компанию, одним из основных направлений бизнеса которой является поставка распределённых веб решений, устойчивых к единичным отказам, и которая пострадала из-за именно такого отказа в их главном дата-центре в Сан-Франциско. Главный сайт компании был недоступен в течение 3 часов.

Грибы в Киеве (вики-спам)

Самый приятный за последнее время спам пришёл в понедельник на… экспериментальный вики-сайт wiki.kiev.ua


Что ж, довольно оригинально. Создаётся статья со ссылками и беспроблемно передаётся на все вики-инсталляции, которые только можно найти в интернет.

И хотя тема грибоводства (почти) совсем не подходит для Вики-Киев, я всё равно не против – добавление любых (более-менее приличных) новых статей лучше, чем длительная заморозка из-за недостатка внимания к проекту.

Киевстар закрыл дыру в веб-интерфейсе отправки SMS

Странички http://www.kyivstar.net/_sms.html больше не существует, вместо неё появилась замена – http://www.kyivstar.net/_sms_new.html

С этим обновлением пропала возможность автоматизированной (машинной) рассылки SMS на все украинские мобильные сети GSM через www-шлюз Киевстар (СМС с номером отправителя “777“)
Continue reading

Google tightens nuts on privacy even further with personalized search

A planned feature announced by Google – “personalized search” (also here) is surely to go along the Google’s party line with invading people’s privacy. In the article we even see how they adapt to the modern public trend of suspecting Google in all the evils by mentioning how they “value” privacy, how users will be able to opt-in and such. Nothing really new in this news.

On the other hand, Google is no doubt to help myriads of those with ADD by this new service.

Indeed, if you, like me, do like the variety of the generic SERP’s with lots of [slightly] unexpected results you can easily be distracted from the main topic you are researching. And since the majority of folks on the web who suffer from ADD would find this feature curative to them, Google is to celebrate another success on the way to it’s Grand Goal.

Also notable here is the subtle evidence of enormous Internet growth. Some 10 years ago you might feel lucky having only a handful of results returned to many of usual searches, now to most searches, even elaborated ones, you often get millions of results – so the search engines now really have got the material to work with.

EnterEX 2007 / expoTEL 2007 – the host of crooks

EnterEXEnterEX 2007 seems to prove to be not only the total failure (in terms of mass last-minute revoked participations) after 2006’s peak exhibition performance, but also a host of choice for the world-class scammers.

[Russian] Выставка Информационные технологии для бизнеса EnterEX 2007 показала себя не только, как грандиозный провал после успеха 2006 года, но и как пристанище для мошенников мирового класса.
Continue reading

Automatic Year in the site’s Copyright notice

If you happen to deal with a website template having the copyright year (the four digits at the bottom of virtually every www page on earth) hardcoded as a number in its PHP files, replace it with the following string:


and you’ll be surprising your visitors with great immediacy every year in its very first minutes!

(requires “short tags” enabled in PHP configuration)

Akismet anti-spam exaggerating efficiency by 10x

Being generally happy with Akismet spam protection plugin for WordPress 2.0, I’m still kept from total happyness by a fly in the ointment.

Before enabling Akismet I used to use a built-in setting in WordPress called “Comment Moderation” (“Hold a comment in the queue if it contains more than N links.”) Of course, “a common characteristic of comment spam is a large number of hyperlinks” is a pretty dubious spam filter and I did get hundreds of spams in short periods of time with it enabled. But surprisingly or not, now I constantly see about 90% of all spam caught by Akismet being that kind of spam with multiple links (I used “2 links” as a trigger for holding comments). That is, Akismet takes bulk of the spam caught by WordPress and misappropriates it to its own portfolio!

So I’m wondering if Akismet really benefits from breaking this standard feature. Surely they could reduce load on their servers by quite a few-fold having they left the feature alone. Moreover, WordPress webmasters are usually up on with this sort of things and are but irritated with the crazy spam counters in Akismet tab.

I realize Akismet is trying to enjoy powerful promotion in this manner, but doesn’t it go too far by depriving users of the right to judge its effectiveness adequately? Really, the spam count is absolutely irrelevant this way; it’s like telling the size of computer network by the number of copper nuclei constituting all the wires of the network.

Bayesian filtering is nothing new and Akismet may easily loose the competition to a more honest operator. Even more so in the situation where operational data ages quickly and new players catch up promptly with the veterans.