Cautionary Tale

You should always be careful when handing over usernames and passwords to programs downloaded from the internet. 99% of the time it will be fine but sometimes it could lead to ruin. Not true? Then visit Coding Horror and read about how a programmer was hiving users Google e-mail passwords. Now think how many people use the same password for everything. Scary.

If you fall into the group of one password for all sites, try 1Passwd (not trying to be ironic). Great product which should help protect your many online accounts.

Over The Top

While death threats against bloggers aren’t to be condoned and the people who did it should be found and punished by law in the same way that I could be if I made death threats in person in the real world, the call for a Bloggers Code of Conduct is a real over reaction. Tim O’Reilly has put together a draft set of rules with friends that he hopes will be adopted by the blogging community. Blog’s are all about freedom of speech, and with freedom of speech you do get people with extreme and sometimes controversial/unpalatable views. I’m fine with that and if something I saw posted here was against what I wanted then it would be removed. However I don’t need someone else defining rules nor do I feel the need to wear a badge that reassures people I follow a certain code. I’m sure the graphics for the badges are temporary but the fact one is a sheriff’s badge just sets the wrong impression…as if the blogging world has lost control and it needs to be policed.

Hopefully this will all die down and turn into some guidelines that bloggers are free to copy to their own site if they wish. I personally don’t see the need.

*Update* – This blog has now been upgraded with the Airbag Department of Security Blog Advisory System – see bottom right of sidebar. The blogging world is now a safer place.

Wordpress...stuff

If you use WordPress and your on version 2.11 you MUST upgrade as soon as possible. A hacker managed to insert a security exploit into the 2.11 files. Although this only happened in the last 3-4 days it makes sense to move to 2.12…NOW. The dev blog has all the details.

The 2.1 upgrade contained a lot of fixes and changes. One that I hated was the feeds no longer displayed full text if you used the ‘more’ tag. Bah. I hate feeds that are truncated or contain excerpts. Defeats the purpose of feeds in my opinion and…well…it just sucks. Thankfully there’s a plugin – where would we be without plugin authors filling the gaps?

Another plugin I’ve recently added is the Dunstan Style Error Page. This generates a far more helpful error page for those links that might no longer exist or typo’s on blogs elsewhere.

Searching in WordPress is fairly weak but the Search Everything plugin allows you to turn on searching for comments, pages, metadata and even attachments. Hopefully this will be added to WordPress core as it’s been an asked for feature for a long time.

Final new addition here is the DoFollow plugin. It’s not new but I installed it after reading Dougal Campbells post on why he had only just installed it. Made total sense so it’s here now too. Again this really should be an option in the core.

There’s been a lot of bashing of WordPress recently but I still think it’s a great platform with an active community around it. Contributers will come and go but hopefully a more active and aggressive release schedule will see some features being more frequently released.

Spyware

I helped out a friend from work today. “I’ve got adverts popping up from time to time and it’s starting to annoy me”. I cannot believe the amount of spyware I found and cleansed from his machine. Unbelievable. I started thinking…how did you let it get like this but after a while it was more…the majority of folks pc’s will be like this – spyware and spam are ruining the internet for the casual user. Therefore what follows is my quick guide to stopping spyware.

Firstly, use a firewall and a virus scanner. Preferably a hardware firewall but software will do. Win XP service pack 2 comes with a firewall but I would still recommend installing a separate program. As soon as you install windows make sure the firewall is up and running. Next install an anti-virus package. I still can’t see past Nortons Anti-Virus and probably Zonealarm but Nortons Security Suite will do both. PC Pro also recommended F-Secure Internet Suite as their recommended net security tool so that’s worth a look too.

That’s the pc secured but it won’t stop spyware from being installed and taking over your machine. The next best step is to install an alternative browser to Internet Explorer. You could try Opera but Firefox for me is faster, offers more features through extensions and is free. By doing this many of the spyware tools that takeover your browser will be eliminated from ever running on your machine. This however is still not enough.

Next I would download and install three different spyware detection and removal tools. They are Microsoft’s Spyware beta, Ad-Aware and Spybot. The reason why I suggest all three rather than one is that they all seem to detect spyware to a greater or lesser extent. The advantage of Microsoft’s tool is that you can have it running in the background so that new spyware threats can be trapped before they are installed. Ad-aware and Spybot are recognised as industry leaders when it comes to spyware – I would recommend running them at least once a month and deleting anything that they find.

The above should lead to a clean pc free of any nasties that are downloading in the background while you surf. However the key to hassle free pc is to make sure all the signature files and virus updates for the above software are downloaded as frequently as possible. It’s a pain but there’s no point having a virus scanner whose signatures are a year old.

Once final brownie point goes to the Microsoft Spyware beta. It has a couple of nice features that make it easy to track and remove other problems. One is the System Explorers. From here you can easily see what is currently running on your pc and what is started up each time you reboot your machine. In fact using this tool today I found a search bar that wasn’t automatically detected by any of the above tools but could easily be disabled and then removed from the System Explorer screen. The second feature is a tool to restore the default IE settings in case your browser has been hi-jacked by another search engine – very nice.