Archive Page 38

TenthOfMarch Down For 17 Hours!

(… and I hear a voice from a distance asking, “Why not forever?”)

I have heard some people saying that some things/people cannot be praised or else it/they will end up screwing up things. I guess me praising my web hosting company (ServerFreak) just a day ago ended up with you guys staring at the screen below for the past 17 hours.

Page Not Found

(In an attempt to recreate the screenshot above, I opened a URL that doesn’t (shouldn’t) exist — dafasdfasdfasdf.com. What are the odds for a domain like that to be registered, right? Now, try it dafasdfasdfasdf.com)

So, does that mean I am ready to give ServerFreak the biggest slap on the face? Never! In fact, I don’t blame them at all. But, someone has to be blamed, right? So, who? Netmyne! Why? The server is hosted there loh! Duh!

**********

Update: Hmmm…seems like ServerFreak bought the server. Netmyne’s job is just to host it only. But still, I don’t blame ServerFreak. *frantically looking for an excuse to blame Netmyne* Ahhh….I know. Must be the fengshui at Netmyne not good, that’s why the harddisk broke!

**********

The server has been running for maybe a month or so only and the harddisk is already broken. After a few minutes of damage assessment, I realized I lost my previous post and some comments. I also lost 2 votes in my first poll. ARGGHHH!!! But luckily I have a copy of the previous post in my local drive and I remember what the two votes were. As for the comments, I can retrieve them from my mailbox. At the end of the day, the damages were minimal. *phewww*

They replaced the faulty harddisk with a new one. I will try to remind myself to make a backup once every two days or so, for the next 30 days. That is because if a new harddisk has any manufacturing defects, it should show by then (I think). Anyway, it’s better to be safe than sorry.

On an unrelated topic, support my attempt to increase awareness on scams! Read this post and vote. There are 5 more days to prepare a post for it. On 30th April 2007, those who are willing to join this campaign will need to publish a post regarding scams in their own blog(s). If this campaign is successful, we can even make it a “monthly thing” — one post at the end of every month. I even made an ugly banner/button for it. Can someone please help design a better one?

Scam Awareness Campaign

UPDATE: If you commented in my post but don’t see it there anymore, don’t worry. I’ll add those comments back soon.

UPDATE 2: All comments were added back up. *BIG LONG SIGGHHH* What I need to do next, is to RE-ANSWER all the comments again. DEJAVU. LOL!

UPDATE 3: All done. Everything is back to normal. *exhausted*

More Bugs Found In Advertlets’ System

This is getting ridiculous. After all the suggestions and bugs I found in the Part One and Part Two of my reviews, and a short follow up here, the Advertlets’ team don’t seem to have learned anything at all! I wonder if they ever will.

So, they have done some changes to their system AFTER reading my reviews. To summarize the whole story, those bugs I found shouldn’t even be there in the first place. Proper testing of the system would have ensured those bugs were found and fixed BEFORE their system was launched. Having bugs like that after over 300 people have registered an account with them could be very dangerous. That proves that they did not conduct a proper test on their system before it was launched.

I don’t believe that they have learned their lesson because if they did, I wouldn’t have found another bug in their system. This is not some MAJOR bug but it does prove that they did not conduct a proper test before releasing their new updates.

They provided a new option in their publisher’s admin area called “Change Your Password”. As the name suggests, you may use it to change your password (which I highly recommend you do). The funny thing is that they enforce a minimum 6-character password during registration but do not enforce the same rule when a user changes their password. I tried changing my 10-character password to a 1-character password, and it was accepted.

*sigh* I am your user, not your beta alpha unit tester, ok?

TenthOfMarch Calling Out For Help To Fight Internet Scams!

Yesterday, I read two articles in the newspaper with great concern.

Article #1: Student falls victim to Net scam
Article #2: Millions lost in e-invest scam

Scams — online or offline — are real. The hazards are real. Despite efforts from various parties trying to educate the public regarding scams, somehow the message is just not reaching out.

Take Article #1 for example; the victim was actually conned TWICE totaling RM148,000 on the same day and by the same group of people. The first attempt saw her losing RM46,000. Having caught a naive victim, her perpetrator tried to con her again. This time, using a bigger cash prize (RM3.2mil) as the bait. Unfortunately, the poor victim fell for it.

We have probably read, heard or seen news about people falling for scams. The victims range from Datuks to lawyers to college students to housewives. Most of them are well-educated people, yet they fail to identify these scams. There is nothing to be blamed but the lack of awareness itself. In the past week, I read two bloggers’ posts regarding scams through the Internet and SMS.

Scams and other methods of fraud will not cease by themselves. In fact, they will only grow and strengthen as new techniques and methods are used. Therefore, to solve this problem I suggest we bloggers run a “Scam Awareness Campaign”. We will use our blogs to spread the message, warning readers to be aware of scams.

We can set a date (e.g. 30th April 2007), where on that date, all bloggers who are willing to join this campaign will write a post about scams in their own blog(s). It can be about how to identify scams, the latest scam techniques, scam prevention or any other related topic. The post doesn’t need to be long. Even a “Beware of scam!” message is sufficient. This is an opportunity to spread the message to help reduce the rate of scams.

You don’t have to be a Malaysian or be currently residing in Malaysia to join this campaign. This is because scams happen throughout the world. Check this and this out. The most important thing is, this campaign is FREE. You don’t pay anything to run it. Of course, unless you say, “I pay for this site. Every alphabets, I pay for” (just joking). But hey, it is for a good cause.

Shoot for the moon. Even if you miss it you will land among the stars.
– Les Brown

It would be great if I can gather a large number of bloggers to join this campaign. However, to not be alone at the end, would suffice.

If you have any other ideas or suggestions to help promote this campaign, please leave a comment. To help me better understand the possible response of this campaign, please answer the poll below. Thank you.

**********

Will you join the scam awareness campaign?

UPDATE: I found another blog entry regarding scams. Go read her entry on what a live scam would have been like.

UPDATE 2: I wrote two posts in the past about scams as well. Check them out here and here.

UPDATE 3: Yet another post from LiewCF entitled, “Why Join Internet Investment Schemes”. At first glance, I thought he was ENCOURAGING people to join Internet investment schemes! LOL! However, after reading his post, I realize he was advising people against it. It’s a good read.

Advertlets’ Explanation To Why They Were “Lazy” And “Amateurish”

In the first part of my review on Advertlets, I used the words lazy, amateurish and shoddy work to describe the design, bugs and quality of work that I found in their system. I was challenged to it but it was answered by these comments (here, here and here).

I received an explanation from Firdauz (from Advertlets) which was supposed to ‘cover-up’ all the laziness, amateurish, shoddy work and maybe even possible password vulnerability that I found.

What’s assumed as laziness and amateurish was in fact; our best decision at that particular time.

Even up till this point in time, they have never stated that the users’ passwords in their system ARE ENCRYPTED. They mentioned how their system was capable of warding off “SQL injection, brute force attacks, URL guessing, and social engineering” and that their system is “indeed secure, and we can vouch for the protection of your data and password”.

However, the question to be answered is, “Are the users’ passwords encrypted?” It doesn’t matter if their system is 100% “unhackable” from the outside; encrypting the users’ passwords is considered the fundamental practice in developing a system. The users’ passwords should NEVER be stored in plain text no matter how secure a system may seem to be — that’s the standard principle.

mooiness gave his point of view:

But you don’t let loose an application which fails one of the most basic principles, ie. password security.

You(r) best decision at the time should not have been this. To me, it sounded like you guys rushed it out the door so that you got something to show.

No - your best decision at the time should have been to put yourselves in the shoes of a user and whack the system as hard as you can.

One point that I missed out in my review is that they neglected one of the basic password security features — setting a minimum password length. According to this and this, the minimum length of a password must be at least 6 or 7 characters to be considered as standard. Shorter passwords are considered WEAK and are more vulnerable.

However, I have tested and their system allows passwords as short as ONE character. I have one account’s password which is “a” and another account’s password which is “abc”. Let’s hope they did not neglect the most important security feature — encrypting the passwords.
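An added sketch, not Advertlets’ code (which these posts never show), of the two points raised here and in the “Change Your Password” post: one length rule shared by registration and password change, and passwords stored as salted one-way hashes, which is what “encrypting” stored passwords normally means in practice. `AccountStore`, `check_policy` and the PBKDF2 iteration count are assumptions made for illustration.

```python
import hashlib
import hmac
import os

MIN_PASSWORD_LENGTH = 6      # the registration minimum mentioned in the post
PBKDF2_ITERATIONS = 200_000  # assumed work factor for this sketch; tune for your hardware


def check_policy(password: str) -> None:
    """Single source of truth: every code path that sets a password calls this."""
    if len(password) < MIN_PASSWORD_LENGTH:
        raise ValueError(f"password must be at least {MIN_PASSWORD_LENGTH} characters")


def _derive(password: str, salt: bytes) -> bytes:
    # Slow, salted, one-way derivation: the plain text cannot be read back from it.
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)


class AccountStore:
    """In-memory stand-in for a user table (hypothetical, for illustration)."""

    def __init__(self):
        self._users = {}  # username -> (salt, derived hash); never the password itself

    def _set_password(self, username: str, password: str) -> None:
        check_policy(password)   # enforced at the write, so no caller can skip it
        salt = os.urandom(16)    # fresh random salt per password
        self._users[username] = (salt, _derive(password, salt))

    def verify(self, username: str, password: str) -> bool:
        record = self._users.get(username)
        if record is None:
            return False
        salt, stored = record
        return hmac.compare_digest(stored, _derive(password, salt))

    def register(self, username: str, password: str) -> None:
        if username in self._users:
            raise ValueError("username already taken")
        self._set_password(username, password)

    def change_password(self, username: str, old: str, new: str) -> None:
        if not self.verify(username, old):
            raise PermissionError("current password is incorrect")
        self._set_password(username, new)  # same rule as registration
```

Because the length check lives in the one function that writes a password, a new feature such as a password-change form cannot bypass it by accident.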

If builders built buildings the way programmers wrote programs, then the first woodpecker that came along would destroy civilization.
(Weinberg’s Second Law)

What do you think?

Remove And Block SiteMeter’s Specificclick.net

The controversy over SiteMeter installing ‘spyware cookies’ on the visitors of their users’ websites without their consent continues. Apparently, the SiteMeter Team posted a reply on the spyware allegations. Despite that, an individual suggested SiteMeter did not post any reply in their blog, to prevent those who don’t already know from getting to know about it.

Check out this post to read what others think and feel about the whole spyware cookie episode.

The “spyware cookie” that is created on the user’s computer without their consent is named specificclick.net. Well, it is impossible to tell the whole world to stop using SiteMeter. However, what you can do is to protect yourself against it. It doesn’t matter if you do not have a blog or a website. As long as you have been surfing the Internet for the past 1 month, chances are your computer has already been infected.

What you need to do now is to check if your computer has already been infected. If it has, you will need to remove the cookie first. Then, you will need to block the cookie to prevent future infections. Michael Sync provided a detailed step-by-step instruction on how to remove specificclick.net and how to block it from future infections.

After you have finished all the steps, enter a website or a blog that has a SiteMeter counter in it. Check the cookies that were accepted in that session after the page has been fully loaded. If the specificclick.net cookie is nowhere to be seen, your ‘patch’ is successful.

Humans make mistakes. However, some mistakes can be avoided. SiteMeter sold out their users’ trust. Now, it is time to bear the consequences.

