Bryan Ruby


Thoughts, Words, and Deeds

The botnets are coming to a Windows PC near you

The November 20, 2006 article "Spam surge linked to hackers" from eWeeks is a must read. Unfortunately, I can't find the actual online version of the article in print.

The article discusses the increasing complexity hackers are using botnets running on tens of thousands of hijacked Windows computers to spread spam. The article focuses on the research by SecureWorks regarding the malware trojan called Troj/SpamThru. Some scary unique features have been identified with this trojan including:

  • Peer to Peer Communication (hackers can have control without a server)
  • Anti-Virus Scanning (Uses anti-virus software to scan against rivals)
  • Template-based spam
  • Almost half of the PCs infected are PCs with Windows XP SP2 installed (outside of Vista, Microsoft's most secure Windows system to date).

Do I bring this up because I don't like Microsoft products? Not at all and in fact as I write this post I'm using a Windows XP system. My point is that if you plan on using Windows XP do all of us a favor and be sure you've installed on your PC the latest software updates and security patches available.

Shame on you if you are still using an older and even less secure Windows system such as 98, ME, 2000, XP, XP SP1. If you aren't running a firewall and/or anti-virus software with your Windows system because of "performance issues"...either get yourself some new hardware or consider loading an alternative operating system such as Linux.

Above all, start practicing safe computing. I don't want to hear any excuses why you're not...

Creating E-government the right way

Computerworld and the National Policy Research Council (NPRC) recently completed a study ranking the Websites of state, county, and local governments on usability and other criteria. In the study, Michigan's site earned top marks.

According to the article, the "the e-government report card is based on an extensive examination of 11,227 official government Web sites." Sites were judged on 25 criteria, including "whether people could use them to pay taxes, bid for contracts, find government jobs and complain to local officials about concerns such as potholes." Also included in the article was a report card summarizing other top e-government performers among city, state, and local sites.

What separated the winners from the losers?

Getting eAccelerator 0.9.5 to run correctly

Over the weekend, I upgraded the server that hosts CMS Report with the latest stable releases of MySQL and eAccelerator. The upgrade from MySQL 4.1 to 5.0 was easy compared to the upgrade I made a year ago from MySQL 3.23 to 4.1. This time around I also have use of CPanel which meant I could make the database upgrade with at least one eye closed. My journey with upgrading from eAccelerator 0.9.4 to 0.9.5 however took a lot longer.

I've been using eAccelerator 0.9.4 since it was released early in 2006. I've gotten into some trouble in the past by those smarter than me when I tried to explain exactly what eAccelerator does and does not do. To play it safe this time around, I'll give you the summary of what eAccelerator does straight from eAccelerator.net:

SitePoint: I Have Never Met a Boxed CMS I Like

Wyatt Barnett in his Sitepoint article, "I've Never Met a Boxed CMS I Like" makes some very valid points about content management systems straight out of the box. Take note that he isn't just talking about commercial products but also open source systems. His first complaint about "boxed" CMS:

The first issue is that the very nature of a CMS is not easily boxable, without creating an application that tries to do everything for everyone and fails at doing most things particularly well. The tasks required for content management are generic, but every organization has a far different focus when it comes to how that content should be managed and how it thinks about that content. I have lost days of meetings trying to help subject matter experts understand that an article, according to this system, is really a page. Trying to make a generic application to handle this for all comers is a very, very tricky prospect.

Sadly, his post doesn't really offer a solution. I assume building your own CMS is the only alternative to the boxed version. But I have to ask, who really has the time? I think there are some obvious reasons you see so many capable software developers are using open source software such as Wordpress, TYPO3, e107, Alfresco, and Drupal for their Web presence.

Fishing with osCommerce

I'm finally down to just the finishing touches on that osCommerce project I mentioned about last month. The site is Dakota Angler, a fishing bait and tackle store, that finally is ready to sell their goods online.

What made the project challenging was that it already had a presence on the Web providing fishing reports, images of big catches by the customers, and an active forum. Having to integrate a new shopping cart around the old site in a way the client was comfortable took some effort. He wanted the online store, but he didn't want to change the existing site so much that he lost his current users or made it difficult for his employees to learn "everything new". There are some practical business decisions as to why you don't want to fancy up a "bait store" too much for the customers.

Just as challenging to work with was the choice of software for the online store, osCommerce. As I've mentioned before, I'm just a little surprised with how much work was required in hacking the core. In osCommerce, I found that the "boxes" and much of the other non-product content are stored in "flat files" and not the database.