Random Synapses

Thanks to WeblogToolsCollection, I found out that there is a proper way to blog in order to have a successful blog.

Nice piece of work. Funny, mostly. But fundamentally wrong.

These rules are like a nerd’s list of things to do to be popular in highschool. What’s trendy to wear, what’s cool to say, what kind of hairstyle others like. It’s stupid! My blog reflects me, who I am and how I normally behave. I don’t suffer from multiple personality disorder to need to cuss like a sailor on my blog, then be embarassed to give the address to family and friends. Why should I cuss, do something I don’t like, hide under a fake name, bring up subjects on religion/politics/sex and so on if I don’t want to? Just because I’m desperate for attention and want my blog to be visited by other similar perverted twits with no real lives who read tons of blogs to fill up their empty days?!

I don’t write because I want others to read and praise me and link to me and leave nice comments. I write because I want to write. If nobody reads this blog, fine with me. It’s not a service I’m doing to the others the way they want me to. I don’t want to change my blog by others’ standards, likes or dislikes. I don’t care if they like photos and coloring books. “A photo is worth a thousand words.” Fine, I’m not lazy, I can write a thousand words and gain a lot more from doing that than from posting one stupid photo. Write daily? More is not necessarily better. This blog is not a newsroom. Learn to refine your important thoughts and bring value to your blog instead of increasing the online junk with every stupid idea you can come up with, just to have 37 new posts in a day.

Individuality is what makes each blog different. Confine it in those 30 rules and all you get is the same cooking recipe, only with different ingredients. It really gets boring after a while, no matter how funny you think you are. Oh, and do yourself a favor — ditch the spellchecker and make the effort to speak and write English correctly, it may come handy one day. Assume the few mistakes you will still make, nobody is perfect. Spellcheckers are for lazy sissies.

Recommended addition to this post: Foamy’s Rants on IllWillPress.

This past week I became involved with my blog’s syndication feeds. It all started from BlogShares, an online game simulating a stock market for blogs around the world. I have been playing ocasionally with buying and selling shares, and then noticed that my own blog’s rating (or value) has remained unchanged for quite some time. BlogShares wasn’t picking up new posts and new links, which intrigued me.

BlogShares uses Syndic8 to track blog changes. Syndic8 periodically checks all syndication feeds in its database for updates, including mine. I could see that Syndic8 spiders were happily accessing my blog’s feed every day, but they were unable to understand the content of the feed file. This problem started when I upgraded from WordPress 1.2.2 to 1.5.

What have I changed during the upgrade? Well, I had modified WordPress 1.2.2’s syndication feed filenames to be Google-friendly; instead of wp-rss2.php and wp-atom.php, I renamed them to rss2.xml and atom.xml. Syndic8 spiders were accessing these feeds, people were subscribed to these feeds, everything was fine. But when I upgraded to WordPress 1.5, I no longer made the modifications so the new feeds were now wp-rss2.php and wp-atom.php. To make the change invisible for old subscribers, I set up my webhost’s server to redirect requests on rss2.xml to wp-rss2.php, and requests on atom.xml to wp-atom.php. Easy, painless, working perfectly.

Well, not exactly perfectly. This redirect was the cause Syndic8’s spiders were unable to parse the feed. They were requesting rss2.xml, were receiving the redirect to wp-rss2.php, were downloading the actual feed, but couldn’t understand it because of a parsing bug. The spiders didn’t ignore the redirect message and considered it a part of the feed, which was syntactically wrong.

After exchanging a few messages with Syndic8 guys and identifying the problem, the old syndication feed address on my blog was marked as “dead and redirected” in their database, and the new feed was submitted. It will take a few days until the blog gets indexed again, and at that time I expect my blog’s shares to make a nice jump up in value. Buy some of the available shares while you still can!

Too few people take computer security seriously. One can buy a computer from the supermarket these days. It is no longer regarded as a specialized tool but as a common household device. But nobody told you that you are also the administrator of this powerful device, did they?

Why is security important? Because, if you are reading this, your computer is connected to the Internet. Which means, it is a part of the Internet. Just as you can access other computers (servers) connected to the Internet to use their shared resources (web sites, file servers, e-mail servers and so on), so can others access your computer. So if your computer’s software is insecure, others can exploit those vulnerabilities with various purposes in mind. For example, one could try to access your personal files — things you’d like to keep private, like e-mails and address book, financial reports and credit card information, your medical records, your children’s photos and any sensitive information you have saved on your hard drive. One could try to remotely install programs to give them full access to your computer, thus preparing it to be used in other illegal activities, such as spreading viruses, attacking other computers or websites, or sending millions of spam e-mails.

If such things happen, it’s not the fault of those so-called “hackers”, nor the fault of the producer of your operating system. It’s your computer and your responsibility to manage it. That’s why there’s an “Administrator” or “root” account on your computer. Stop blaming others, it’s not rocket science to secure your computer yourself.

So how does the cat-and-mouse game work? Specialized organizations try to find vulnerabilities in all operating systems, and publish their findings regularily. Since most users use Windows, I’ll focus on it. Every month, new vulnerabilities in Windows’ components are being found, vulnerabilities that can be exploited in certain ways. As soon as such a vulnerability is discovered, Microsoft prepares a “patch” that updates the faulty Windows component; these patches can be downloaded free of charge, and the entire process of discovering newly available updates and installing them is completely automatic through the Internet’s best kept secret: Microsoft’s WindowsUpdate website. On the other hand, “hackers” try to find computers whose administrators didn’t install the patches and which are still vulnerable, and exploit those vulnerabilities to get complete access to that computer.

Let’s make an analogy to make it clearer. Suppose you have a nice barn (your computer) filled with all sorts of goodies (files, resources) for the winter. All your neighbours have similar barns. Everyone is happy with their barns. Once a month, a bunch of city folks with funny hats (security organizations) drive by, and inspect the barns for holes in the walls (software vulnerabilities). Then, they tell about those holes to the builder of all barns (the producer of the operating system) which, in turn, makes plugs to exactly fit each hole (the software patches). These plugs are free and the builder even installs them for free, all you need to do is call them (visit the WindowsUpdate site once a month). Why? Because mice (”hackers”) also learn about those holes in the barns (vulnerabilities), and they will try to get through the known holes to reach the goodies inside (exploit the vulnerabilities). If the barn has all known holes filled with the right plugs, then the mice can’t get in. If one of your neighbours didn’t make the call to the guys with the plugs, his barn will be crawling with squeaking rodents. Get it?

To keep your computer secure, the first step is to elliminate all known vulnerabilities. You do that by visiting the WindowsUpdate website once a month and allowing the site to detect what components need to be updated, to download the patches and install them. Yes, it’s that easy. No, it won’t take forever. Patches released in one month are usually a few megabytes or less, and your computer won’t need all of them; downloading shouldn’t take more than one hour even on a crawling dial-up connection. Is one hour each month too much to spare for the sake of your computer’s security? All you need to remember is to start Internet Explorer and select “Windows Update” from the “Tools” menu once a month. Easy!

If your barn had holes and mice settled in, then apart from plugging the holes you need to eradicate the mice as well. In other words, your operating system’s vulnerabilities are usually exploited by a certain kind of viruses called “worms.” These worms “crawl” through the Internet from one vulnerable computer to another. Once they have found a vulnerable computer, they will infect it and start spreading by finding other vulnerable computers to infect. Preventing the infection is done by patching the vulnerable components, as I have detailed above. But cleaning the worms from your computer is a different task. You could use a commercial antivirus to clean them, but there are free solutions to this problem, too. For example, Symantec, the creator of Norton Antivirus, offers free cleaners for specific viruses. The advantage is that these cleaners are free, are small, and do their job very well. The problem is that you need to know which virus you have in order to get the correct cleaner. This is where Stinger comes in: it is also a free cleaner from McAfee, it’s about one megabyte in size but it knows to detect and remove the most recent and dangerous worms spreading on the Internet — about 50 of them, each with a number of different variants. This is the perfect tool for automagically scanning and cleaning worms in your computer, very simple to use. In other words, Stinger would be the supercat you lock in your barn to find and eat all the mice inside. Is that cool or what?

Enough lecture for today. There’s more to computer security, so make sure you don’t miss the next class. You are one step closer to the rocket scientist diploma you have always dreamed of. Assignment due next time: get Stinger and scan your computer, and install all critical updates for your version of Windows.