ERIC SHEFFERMAN <DOT> COM

Blog-o-Goodness

You can’t go out this Friday night, it’s time to update WordPress to Version 3.4.2

Holy mother of toad! Again! WordPress just loves to release those late in the week security updates.

We already know how hackers work — they do a file compare of the old WordPress version to the new one, the write some code to exploit the vulnerability, and then they set the code loose on whatever servers they already control to hack MORE servers and control them too.

Then they go out, party for the weekend, and check in Monday morning to see all the WordPress installs they’ve hacked and can add their porn links to.

You’ve got two choices folks:

1. Get hacked and have all the gurus on WordPress.org blame you for your negligence.

2. Stay in Friday night logging into each of your WordPress installs and clicking the damn UPDATE button and waiting for it to finish. (And if you’re smart, run a backup before you do that.) No party for you

But FINALLY there is a new third choice that actually makes sense!

3. Use ManageWP to administer all your WordPress sites and be able to update them all with ONE click. And then go out and party!

I just used it and now I get to go out and party while feeling a bit safer and secure, knowing that my WordPress sites are all updated to the latest version.


Go there, do it now, the pain of having your site hacked over the weekend is too much. Trust me: been there, done that.

Share

Privacy is Dead, but seriously Atari.com WTF???

I have long felt that privacy is dead and I have started to put together a 30+ part series on privacy is dead because it pops up everywhere, but this just takes the cake and eats it too.

Atari is:

  1. apparently in business – who knew?
  2. has Nolan Bushnell speaking for it (I have no idea what his level of involvement is)
  3. releasing some neat HTML5 code to make it easier to make games in javascript called the Atari Arcade SDK and CreateJS

http://www.atari.com/arcade/developers/

http://createjs.com/#!/CreateJS

and you can currently play these remakes of classic Atari games
(the technology is cool, the gameplay is like the programmers had no idea what was fun about the original games)

http://www.atari.com/arcade#!/arcade/atari-promo

Now, I’ve thought javascript was a crappy idea since forever and it used to run REALLY slow, but I guess everyone is all hopped up on it for all sorts of modern stuff and hopefully it is being made to run better and faster. Although my gmail still annoyingly crashes every once in a while.

I guess anything is better than flash.

Anyway, it seemed like it was useful to create an account on atari.com. First name, last name, and birthday are all required fields. OK fine. I expect that. But I didn’t expect them to PUBLISH that info. WTF???

Read the rest of this entry »

Share

Why I hate WordPress – Part 9,347

Seriously,

http://wordpress.org/news/2011/06/passwords-reset/

And to crap on top of it, I actually do have W3 Total Cache installed and did update it just the other day.

However, it only updated “because it’s there” — I don’t actually use it. I just never happened to delete it after I deactivated it. I guess I was hoping I’d figure out how to enable something useful like cacheing without it destroying the usability of my site.

So now I’ve had a “cleverly disguised backdoor” installed on my web site (which can thus access ALL my domains) for a few days.

Of course, I don’t even know what to look for regarding this exploit.

How could I have protected myself from this? Checking the WordPress.org news minute by minute for their latest security issues? Can I afford to ever sleep? Or maybe I just need to read through every single line of code for every single theme and plugin? Oh — but I probably have to scan the entire WordPress core as well. How long could that take?

Oh – the only solution is to buy VaultPress for ALL my domains… That makes sense. At least then I’ll be making somebody else’s monthly Corvette payment.

That’s the problem I keep running into with WordPress — it’s a bunch of very pretty cards and when you’re done… you’ve built a house of cards.

From my admin page — I gave up on even having this plugin activated in January.

Share

WordPress – Be Ready To Be Hacked Again

Ahh… the dreaded

3.0.4 Important Security Update

…a very important update to apply to your sites as soon as possible because it fixes a core security bug in our HTML sanitation library, called KSES. I would rate this release as “critical.”

Yeah. What that says to me is, “A hacker has already looked at the vulnerabilities in 3.0.3 and written a script to exploit it and deployed it on the websites he/she has already hacked so that it can go out and get access to even more web servers by simply crawling the web looking for WordPress installations that haven’t been updated yet.”

Read the rest of this entry »

Share

New York State License Plates… When Retro Means Ugly

I’ve been noticing lately that there’s a bunch of cars on the read with “industrial equipment” yellow license plates. Today I thought I’d look into that and see what the story is.

I remember when New York state switched to the white background license plates (this must have been in the late 1980’s). My boss at the time pointed out that even though some people didn’t like the idea of change, overall most car colors look better with a white license plate against them then with that garish yellow.

Apparently, someone decided to “bring it back” — because nothing looks better than putting something that looks like World War II surplus paint color against a car with a modern paint job. To add injury to the insult, the new plate fee for cars will be $25 instead of $15. Hurray for progress!

Read NY State’s proud press release here.

In the U.S., where each state issues plates, New York State has required plates since 1901. Apparently they’ve changed colors a lot over the years until the 1970’s-1980’s where they fixed on the ugly yellow. Having switched to a classy white plate (like so many other states use) for so many years, there’s nothing to do but change it back so that it’ll be easier for cops down south to spot New Yorkers at a distance and give them speeding tickets. Your tax dollars at work!

Here’s a site with pictures of licences plates in NY from various years, so you can wax nostalgic.

Share

The “Too Late” Info on Drive-By Malware

Ah – by the time you read this, it will be too late.

By that I mean that after you’ve been hit by some Drive-By Malware — some website that forces your computer to run a fake anti-virus scan, etc. — then you’re already compromised. If it’s really clever software, it’ll disable your internet access so that you won’t be able to find an article like this.

Read the rest of this entry »

Share

Steve Jobs doesn’t like Flash – me neither

from

http://www.apple.com/hotnews/thoughts-on-flash/

We also know first hand that Flash is the number one reason Macs crash. We have been working with Adobe to fix these problems, but they have persisted for several years now. 

I agree.

Read the rest of this entry »

Share

Keep Up With
Eric Shefferman

Via RSS
    

Via Email Updates
Name:
Email:

Categories

Archives

The following link is not for people: I do not like it, Sam I Am.