
Posts

Giving up Facebook

Giving up Facebook was difficult. I had to face up to the fact that I was thinking about it pretty much whenever I was taking a break.  I started to realize that Facebook took up a fair amount of headspace and time.  Since I don't smoke I don't go outside.  Left with the choice of drinking yet another cup of unhealthy coffee or finding a distraction on my PC I found Facebook curiously addictive. What did I like about Facebook?   Well I analyzed this carefully and thought about the value proposition.   Ultimately I realized that Facebook offered two things - lots of  shallow electronic interactions and meaningless flash animation games.  Since I earn enough to buy a decent PC (or console) and really hot games the games on Facebook offer little.  The only game that meant anything to me was Fairyland and that only because it promised to save the rainforest.  PC games are better without Facebook.  As for meaningless social interaction ...

Three steps to create a self-signed certificate in Apache for Ubuntu 11.10

It is very simple and quick to create a self-signed certificate on your development machine. Of course you would never use this on a production server because self-signed certificates are vulnerable to man-in-the-middle attacks. You will need to make sure that you have the ssl-cert and libapache2-mod-gnutls packages installed.

Step One: Use the ssl-cert package to create a self-signed certificate. This will create the certificate files in /etc/ssl, which is where the Ubuntu default Apache configuration expects to find them.

    make-ssl-cert generate-default-snakeoil --force-overwrite

Step Two: Activate the SSL module and the default SSL site using the convenience wrappers:

    a2enmod ssl
    a2ensite default-ssl

Step Three: Restart Apache:

    service apache2 restart

Installing a Unified Communications SSL certificate in Microsoft IIS 6.0

Just another working day in Redmond

Being placed in the dire situation where my project has to go live and is being served by a Windows server that has no administrator, I was forced to open up my RDP client and venture back in time to the days of dinosaurs and IIS. Unified Communications SSL Certificates are pretty much the only solution I could find to allow a single installation of IIS to share a single certificate that is valid for multiple domains that don't conform to a wildcard. Whew, what a mouthful. In other words, if you have the domains http://www.ihatemicrosoft.com, http://www.apacheisfree.com, and http://www.graphicalinterfacesareforpansies.com you can use a single SSL certificate to secure them by setting up Subject Alternative Names. Getting them up and running was a cinch for me, made only slightly more complicated by previous failed installation issues which I had to identify and undo. Firstly if somebody else has tried to install the certificate and f...

Preventing Directory Traversal attacks in PHP

Directory traversal attacks occur when your program reads or writes a file whose name is based on some sort of input that can be maliciously tampered with. When used in conjunction with log poisoning this can lead to an attacker gaining remote shell access to your server. At its simplest, it could be including a file like this:

    echo file_get_contents($_GET['sidebar']);

The intention would be for you to be able to call your URL and send a parameter indicating which sidebar content you want to load, like this:

    http://foo.bar/myfile.php?sidebar=adverts.html

This is really terrible practice and would not be done by any experienced developer. Another common place where directory traversal attacks can occur is in displaying content based on a database call. If you are reading from or writing to a file based on some input (like GET, POST, COOKIE, etc.) then make sure that you remove paths. The PHP function basename will strip out paths and make sure ...

Continuous Integration with Jenkins and Git

http://jenkins-ci.org/

Jenkins is a free and open source solution for monitoring the execution of jobs, including software project builds. By monitoring the outcome of a build you are able to provide continuous quality control throughout the development period of a project. The aim is to reduce the effort required in quality control at the end of development by consistently applying small amounts of effort to quality throughout the development cycle. Under the continuous integration (CI) model developers should consistently integrate their development efforts into the repository. There should be little time delay between committing code changes and the new build - this allows developers to recognize and correct potential problems immediately. Of course measures must be in place to flag errors with the build. The advantages to developers and project managers of having a stable repository to which commits are made and tested are multiple. I don't need to ...

Adding a CakePHP based virtual host in Apache 2.2

It's very simple to set up a name-based virtual host in Apache 2.2 using the default Ubuntu package. I'm assuming that you have installed Apache already and that you have edited /etc/apache2/sites-enabled/000-default to change the AllowOverride None to something like this:

    <Directory /var/www/>
        Options Indexes FollowSymLinks MultiViews
        AllowOverride All
        Order allow,deny
        allow from all
    </Directory>

If you have not already used this command

    sudo a2enmod rewrite

then do so in order to enable mod_rewrite. Now edit your /etc/hosts file and add an entry that points to the server where you are setting up the virtual host. The line should look something like this:

    192.168.0.100 mysite.local

Where the IP address points to the server where you are setting up the host and mysite.local is a nickname for the site. Remember to add the .local :) Now create a file in /etc/apache2/sites-ava...

Consuming Microsoft .NET SOAP server datasets in PHP

Microsoft Just Clowning Around Again

If you're impatient here is the link that this article leads to

SOAP is generally understood to be a simple method for systems to exchange data in a standard manner. This allows for remote systems to make calls on a server application. This sounds like a Good Idea. Microsoft, however, does not appear to fully understand the concept of SOAP when it comes to providing a SOAP server based on "datasets". Apparently the use of these datasets makes it much easier for programmers using Microsoft languages to consume web services. Unfortunately it makes it inconvenient for everybody else. So we have a standard way of doing things, but Microsoft decides to "improve" it and thereby forces everybody else to manually parse their XML responses. What is the point of having a standard method of accessing server methods if Microsoft then makes their implementation inoperable to Java, PHP, Ruby, and Python developers? Isn...