Solipsism Gradient

After some very tense days, I’m up and running on the new hosting provider: DreamHost. Prices are good, support seems to be fast and quite good, and there’s lots of options. More if you buy before year’s end; if you do so, be sure to mention my domain name as the referrer, or click through from the link above; I’ll get a modest commission.

The Santy worm, now apparently renamed Spyki, is still pounding the servers in ever-new combinations. Still, the security hole remains closed and I have added some new stuff to avoid having the server respond to the worm, which should ease the load quite a bit. If you have seen the site responding very slowly or even not at all during the last two days, it was a hardware problem and should be fixed by now.

Some other things are still shaking out but everything should return to normal on January 1st. In particular, Bill Bumgarner has tested RBSplitView and made some interesting suggestions; so have several other developers. It seems I should put up a new “source code” page with that and other goodies, so that will be my first priority.

Rainer Brockerhoff wrote:

… In particular, Bill Bumgarner has tested RBSplitView and made some interesting suggestions; so have several other developers. It seems I should put up a new “source code” page with that and other goodies, so that will be my first priority.

While I’m working on the source code page, Erik Barzeski of Freshly Squeezed Software wrote on his NSLog() that they’ll be using RBSplitView in their new version of PulpFiction:

Total time to convert from our hacked up NSSplitView (which can be collapsed, stores sizes, has minimum sizes before collapsing, etc.) to RBSplitView and to add the feature I just mentioned: about ten hours. Coded, bug fixed, and tested.

Now that’s the sort of thing I like to read…

Also, Steve Gehrman, the mastermind behind CocoaTech, will be using RBSplitView in the forthcoming version of Path Finder. My thanks to all who’ve helped with suggestions and debugging!

Meanwhile, I’ve belatedly noticed that my last post below was #1000, and that this weblog’s second anniversary has passed unnoticed on last Sept. 21st. Not bad…

Rafael Fischmann wrote:

It’s not that strange, Rainer… you have changed your phpBB settings to redirect to this weblog page whenever a user access your viewtopic.php page, something that doesn’t happen when you access viewtopic.php in a default phpBB installation.

That’s not what I did; I just made my weblog topic the default topic. Since 99% of accesses to my forums are to my weblog page, that should make little difference – at least in terms of traffic. Then again, Google doesn’t measure traffic.

Anyway, since the topic argument is not a part of the URL proper, but of the arguments (the part after the ‘?’), Google shouldn’t consider that for relevance either…

Posted by Rafael Fischmann:

Rainer Brockerhoff wrote:

Interestingly, this worm used Google as a tool to detect vulnerable websites. That specific search is now supposed to be blocked. Still, I tried some searches and found that I’m third from the top when searching for “viewtopic.php” – one of the search strings perhaps used by the worm – among about 7,910,000. Very strange.

It’s not that strange, Rainer… you have changed your phpBB settings to redirect to this weblog page whenever a user access your viewtopic.php page, something that doesn’t happen when you access viewtopic.php in a default phpBB installation. That’s why your weblog is on the top of Google’s list when you search for viewtopic.php.

Erik Barzeski’s NSLog() pointed me at yet another IQ test. Since I can’t seem to resist these things, there I went.

Apparently my general score is 161 (genius!) and I score 88 out of 100 on “pattern recognition”.

Hmpfh. I’d be interested in knowing why I lost those 12 points, anyway… still, the test is a little different from the usual run-of-the-mill IQ tests. IQ, by the way, is best defined as “a number that scores your ability to take standard IQ tests”.

If you decide to try it, speed counts. Don’t put much store by the results though.

About a month ago I noticed some strange stuff in my access logs here and saw what seemed to be a hacking attempt against my forum software. I immediately fixed the vulnerability by upgrading to the latest version, and kept watching. Hacking attempts continued afterwards, increasingly, although none were having any effect… a few days ago, they were up to a few hundred per day. Yesterday, they almost doubled my traffic…

…and today in the morning my site suddenly went offline. I learned a few hours later that a friend’s forum, hosted on the same server, had been hacked by what is now known as the Santy Worm, and used to launch an outgoing DDOS attack against other servers. Not funny; especially as the provider yanked the whole machine offline while they tried to find out what was going on and what to do.

Still, they responded correctly, if slowly, upgrading their software to a non-vulnerable version and blocking all outgoing connections from the server, which shouldn’t impact anyone as far as I can see. I may seize the occasion and later in the week implement some more changes here…

If you tried to access this site, or download something, during the few hours we were down, my apologies. Hopefully it won’t happen again soon.

Interestingly, this worm used Google as a tool to detect vulnerable websites. That specific search is now supposed to be blocked. Still, I tried some searches and found that I’m third from the top when searching for “viewtopic.php” – one of the search strings perhaps used by the worm – among about 7,910,000. Very strange.

Suddenly, a number of XRay users began e-mailing me with questions about a supposed version 4 (!), or saying that someone else had published an application with the same name, and that I should do something about it.

Well, I already knew there was a video app around called DivXRay (as well as dozens of Windows app with various spellings of the name), but nobody had ever confused them before… but upon checking more closely, there certainly was a new app there called XRay 4. Worse, their website made reference to “XRay 3” and “XRay 2”, and as you all know, I’m still working on XRay 2 myself… so something indeed had to be done.

I e-mailed Martin Hering, the author of the application, and in some few minutes we had a long conversation over iChat. He’s German too, so I got a chance to practice . Turns out he was indeed the author of DivXRay, took it with him when he left the company that formerly sold it, and had now shortened the name of the new version at the request (with a cease&desist, I suppose) of DivX.

He wasn’t at all overjoyed at the news that he would have to change the name again – especially since he’s already selling boxed CDs in German stores. However, XRay is a common enough word – although not in that particular spelling – so my intentions were just to avoid user confusion on VersionTracker and MacUpdate. We finally agreed that he would call the application “XRay Video 4” on those sites, and that we would link to each other’s sites to avoid user confusion; since our apps are not competitors, that’s quite satisfactory for me.

Well, there’s a lesson here: searching carefully for existing application names (and trademarks) is always advisable…