It was a day I hoped would never happen, but I sat down this weekend and updated my little US national debt clock to display over $10,000,000,000,000. I say it's a sad day because despite what some people say (that the further in debt our country is the more prosperous we are) I find it hard to believe we're better off because of the debt we've just taken on. The whole concept of "money as debt" just seems corrupt. Then again, I'm not an expert on economics. Maybe having our national debt increasing at the rate of $36 per millisecond is a good thing.
The debt clock started when a friend e-mailed me a years ago and asked how to do a counter like a clock that starts at a specific point. He needed it in Flash so I whipped one together and sent it to him and then realized I could maybe do something worthwhile by putting it out there for people to use. I did.. and it hit myspace and facebook.. and I'm currently seeing about 65,000 views of it each month. I encouraged people to download it and install it on their own servers (it's not sucking too much bandwidth, but they shouldn't have to wait on my server for their page to finish loading..) so I'm not sure how many views it's getting that way.. I know it's being used on quite a few political web sites (both Republicans and Democrats running for Congress for example), in articles, and on some personal web sites.
I don't fuss with the accuracy of it since I figure if they can pull a number like $700,000,000,000 out of thin air just because it's "a really large number" then there's no point in trying to be too accurate on anything based on numbers provided by the same folks. I like to think that over the last few years I've helped a tiny bit to raise awareness of our out of control spending.. I can hope it's not too late to sort things out and maybe someday I'll be able to reverse the clock.
Updated debt clock to show over $10,000,000,000,000 Sunday, October 05, 2008
Dear Adobe Monday, September 15, 2008
Some people don't like submitting bug reports about specific issues, but would rather just complain about general problems that bug the crap out of them. For those people there is the Dear Adobe site.
I don't particularly like the idea of smearing a company for no good reason, but if the people who are using the site have submitted bug tickets and feel like Adobe is ignoring them then I guess they have every right to complain.. or just use another product. That's part of how free market economics is supposed to work? If you find a better product then use it. And if the masses yell their complaints loud enough and the company is nimble enough then it'll fix the issues and keep the business.
Here's one I found: "please allow Flash's action window to stay visible when another app is in front, sometimes you need to compare code to something else." .. been an irritation for me for years and has been reported to Macromedia and Adobe many times. It's one of those "minor" issues that becomes major if you have to use the application a lot. I'm pretty sure I saw on one of the demos or heard through the grapevine that this has been changed in CS4.. so when you have the Actions panel open and switch over to another app the Actions panel remains visible. So maybe they did react and fix that. I'll keep my fingers crossed for code folding.
I don't particularly like the idea of smearing a company for no good reason, but if the people who are using the site have submitted bug tickets and feel like Adobe is ignoring them then I guess they have every right to complain.. or just use another product. That's part of how free market economics is supposed to work? If you find a better product then use it. And if the masses yell their complaints loud enough and the company is nimble enough then it'll fix the issues and keep the business.
Here's one I found: "please allow Flash's action window to stay visible when another app is in front, sometimes you need to compare code to something else." .. been an irritation for me for years and has been reported to Macromedia and Adobe many times. It's one of those "minor" issues that becomes major if you have to use the application a lot. I'm pretty sure I saw on one of the demos or heard through the grapevine that this has been changed in CS4.. so when you have the Actions panel open and switch over to another app the Actions panel remains visible. So maybe they did react and fix that. I'll keep my fingers crossed for code folding.
Check Layer 1 first Wednesday, July 09, 2008
I was working at about midnight the other night when I heard my little VPN app scream that it'd lost connection.. I noticed that I couldn't get out to my favorite site and checked my DSL modem.... the status light was off. So the next morning I got up and saw it was still off. I called the DSL provider, we went through the standard power off/on stuff and the regular checklist and the guy in India said he'd overnight a new modem (it still hasn't gotten here..). A little while later I remembered something from my CCNA 1 class - check "layer 1" first.
So I swapped out the line between the modem and the wall jack. The lights came back on. I took that phone line and tested it with a phone and it was bad... heh. Always check layer 1 first.
So I swapped out the line between the modem and the wall jack. The lights came back on. I took that phone line and tested it with a phone and it was bad... heh. Always check layer 1 first.
Being blacklisted by your own host - because of a mambo template? Tuesday, July 08, 2008
A couple of weeks ago I heard from a client (friend) that has a site hosted on my reseller web server and he said something odd - he said he could access his web site from work but not from home. There's a ton of things that could cause that so I stuck it in the back of my head and went on. Well the other night I went through and updated the mambo installation on that server and was testing it out when suddenly I could no longer get a response from it. I also found I couldn't get a response from any site on that server, couldn't traceroute to it, etc.. I'd been put on their firewall blacklist. Ouch! And for what?
I got in touch with the support folks and they confirmed that their firewall did indeed think I was an evil hacker and sent me the logs to show what caused it:
Fri Jul 4 22:10:37 2008 lfd: mod_security triggered by 192.168.216.232 - 1 failure(s) in the last 75 secs
Fri Jul 4 22:10:37 2008 lfd: mod_security triggered by 192.168.216.232 - 2 failure(s) in the last 75 secs
Fri Jul 4 22:10:56 2008 lfd: mod_security triggered by 192.168.216.232 - 3 failure(s) in the last 100 secs
Fri Jul 4 22:13:05 2008 lfd: mod_security triggered by 192.168.216.232 - 4 failure(s) in the last 230 secs
Fri Jul 4 22:13:46 2008 lfd: mod_security triggered by 192.168.216.232 - 5 failure(s) in the last 275 secs
Fri Jul 4 22:13:47 2008 lfd: 5 (mod_security) login failures from 192.168.216.232 - *Blocked in csf*
Fri Jul 4 22:13:48 2008 lfd: alert email sent for 192.168.216.232
But.. I was just browsing the site! I wasn't trying to log into the site. I was just doing what a regular web surfer would do.
So after some digging around in the web server log files I found this:
- - [06/Jul/2008:20:18:48 -0700] "GET /%3C?php%20echo%20http://www.thedomain.org;?%3E/templates/247clean/images/favicon.ico HTTP/1.1" 406 341 "-" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en-US; rv:1.8.1.11) Gecko/20071127 Firefox/2.0.0.11"
Ow... I should have caught that long ago when I was looking in the log files, but somehow didn't. My guess is that this was mangled up like this for a long while (I hadn't touched the offending file in at least a year) and the host changed their mod_security rules and started triggering the fun.
So the offending file was in the 247clean template (which is a great template.. they just slipped up on this bit of code..) here:
(in index.php)
<meta http-equiv="Content-Type" content="text/html;><?php echo _ISO; ?>" />
<?php if ( $my->id ) { initEditor(); } ?>
<?php include($GLOBALS['mosConfig_absolute_path']."/templates/247clean/splitmenu.php"); ?>
<?php echo "<link rel=\"stylesheet\" href=\"$GLOBALS[mosConfig_live_site]/templates/$GLOBALS[cur_template]/css/template_css.css\" type=\"text/css\"/>" ; ?><?php echo "<link rel=\"shortcut icon\" href=\"$GLOBALS[mosConfig_live_site]/<?php echo $mosConfig_live_site;?>/templates/247clean/images/favicon.ico\" />" ; ?>
the favicon code could be hardcoded if you only have one site to something like:
<link rel="shortcut icon" href="favicon.ico" type="image/vnd.microsoft.icon">
...or if you have many sites and you want to reuse the template for all of them then:
<link rel="shortcut icon" href="<?php echo $mosConfig_live_site;?>/images/favicon.ico" />
also note the extra greater than character in the content-type tag..
Fixing that issue was easy enough, but... here's the worrisome thing.. anybody (or any web spiders) who visited the sites that I use this template on and clicked through more than 5 or 6 pages in a couple of minutes is now blacklisted by the host - and from what they say it's a long term blacklist.
I got in touch with the support folks and they confirmed that their firewall did indeed think I was an evil hacker and sent me the logs to show what caused it:
Fri Jul 4 22:10:37 2008 lfd: mod_security triggered by 192.168.216.232 - 1 failure(s) in the last 75 secs
Fri Jul 4 22:10:37 2008 lfd: mod_security triggered by 192.168.216.232 - 2 failure(s) in the last 75 secs
Fri Jul 4 22:10:56 2008 lfd: mod_security triggered by 192.168.216.232 - 3 failure(s) in the last 100 secs
Fri Jul 4 22:13:05 2008 lfd: mod_security triggered by 192.168.216.232 - 4 failure(s) in the last 230 secs
Fri Jul 4 22:13:46 2008 lfd: mod_security triggered by 192.168.216.232 - 5 failure(s) in the last 275 secs
Fri Jul 4 22:13:47 2008 lfd: 5 (mod_security) login failures from 192.168.216.232 - *Blocked in csf*
Fri Jul 4 22:13:48 2008 lfd: alert email sent for 192.168.216.232
But.. I was just browsing the site! I wasn't trying to log into the site. I was just doing what a regular web surfer would do.
So after some digging around in the web server log files I found this:
- - [06/Jul/2008:20:18:48 -0700] "GET /%3C?php%20echo%20http://www.thedomain.org;?%3E/templates/247clean/images/favicon.ico HTTP/1.1" 406 341 "-" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en-US; rv:1.8.1.11) Gecko/20071127 Firefox/2.0.0.11"
Ow... I should have caught that long ago when I was looking in the log files, but somehow didn't. My guess is that this was mangled up like this for a long while (I hadn't touched the offending file in at least a year) and the host changed their mod_security rules and started triggering the fun.
So the offending file was in the 247clean template (which is a great template.. they just slipped up on this bit of code..) here:
(in index.php)
<meta http-equiv="Content-Type" content="text/html;><?php echo _ISO; ?>" />
<?php if ( $my->id ) { initEditor(); } ?>
<?php include($GLOBALS['mosConfig_absolute_path']."/templates/247clean/splitmenu.php"); ?>
<?php echo "<link rel=\"stylesheet\" href=\"$GLOBALS[mosConfig_live_site]/templates/$GLOBALS[cur_template]/css/template_css.css\" type=\"text/css\"/>" ; ?><?php echo "<link rel=\"shortcut icon\" href=\"$GLOBALS[mosConfig_live_site]/<?php echo $mosConfig_live_site;?>/templates/247clean/images/favicon.ico\" />" ; ?>
the favicon code could be hardcoded if you only have one site to something like:
<link rel="shortcut icon" href="favicon.ico" type="image/vnd.microsoft.icon">
...or if you have many sites and you want to reuse the template for all of them then:
<link rel="shortcut icon" href="<?php echo $mosConfig_live_site;?>/images/favicon.ico" />
also note the extra greater than character in the content-type tag..
Fixing that issue was easy enough, but... here's the worrisome thing.. anybody (or any web spiders) who visited the sites that I use this template on and clicked through more than 5 or 6 pages in a couple of minutes is now blacklisted by the host - and from what they say it's a long term blacklist.
