Tag Archives: geek stuff

PUBLIC SERVICE ANNOUNCEMENT

Phishing Emails Used to Deploy KONNI Malware

if you are in the habit of using micro$not software, particularly the office varients (word, excell, power point, etc.), you should beware of the new “phishing” (specifically, “spear-phishing”) attack which uses an infected microsoft word document as the vector.

solution: don’t use micro$hit.

alternative solution: don’t use windoesn’t, or, if you do, don’t open ANY files that you receive in email, from ANYONE, if you weren’t expecting it, keep your antivirus software up to date, backup everything, and pray that something doesn’t happen anyway.

this is just the most recent extension of the exploder control controversy, started by my friend fred, back when W95 was current… except that, now, instead of calling it “OLE or “ActiveX” they’re calling it “VBA“, and it can do a lot more nefarious things to your computer than the exploder control could do — and the exploder control was relatively benign, in that it ONLY shut down your computer without your say so…

but micro$lop made a BIG OL’ fuss about it, when fred actually got it signed, because of the fact that it used ActiveX APIs in EXACTLY the way they were supposed to be used, and the automated process of signing didn’t take into account what the control actually DID, and whether doing that thing, at that time, was actually USEFUL… 😂🤣

by the way, the exploder control was SPECIFICALLY designed to work with W95 and IE3, so, unless you’re browsing on your grandfather’s computer, you’ve got nothing to worry about. 😉

database update

the database is fixed. 😌

what happened? that’s complex.

recently, i had my web site redesigned. the new design uses the “Enfold” theme, which uses a lot of what they call “transients” to maintain the look and feel of the site, regardless of the platform on which it’s being viewed. “transients” are sort of like cookies, except that you can’t opt out of them, and they don’t contain any personally identifying information. some of these “transients” expire immediately when a person leaves the web site, and others persist, for a few minutes to several days. they persist on your computer AND on my server… in the one of the tables in the database…

the “Enfold” theme has automatic caching and garbage collection routines that are supposed to handle these expired “transients”, but, because it’s a wordpress theme, it doesn’t do all the jobs very well… or, sometimes, at all… which is why i also use a caching plugin that actually, you know, works ALL the time, and not only some of the time… 😒

except that, for some reason, prior to my site upgrade, “someone” (and i have yet to identify who, but it was either my web designer or my host provider) recommended that i disable the caching plugin, because of some issue with the new version of wordpress… or something like that… as i said, i don’t remember. i distinctly remember disabling the plugin on someone’s recommendation, i just don’t remember exactly who, when or why. 😖

one way or the other, my caching plugin was disabled, which meant that, when i installed the new theme, it was relying on the not-working-the-way-it-should, internal cache… which, basically, didn’t work, causing the table in the database to expand beyond my disk space allocation. 🤯

it didn’t show up in my cPanel because i wasn’t looking at the SQL disk space, which is “below the fold” of my browser, and i just didn’t scroll down far enough to see it. 😕 during the nightly automatic backup, it was overwhelming the server for everybody, not just me. i had to pay my web designer for two days of poking through piles of arcane SQL code and deleting bits and pieces of it. it was not fun.

the solution was to enable the caching plugin(!), and to install a “transient manager” plugin, so that i can delete the expired transients from the wordpress dashboard, and not from the SQL database,… which requires A LOT more “knowing what to look for” and “knowing how to delete stuff without damaging other stuff” than i have on board, personally.

databases

my first direct experience with databases was in the late 1980s or early 1990s, when i got a “job”, “working” for this… guy…

i don’t remember his name — possibly “henry” — but i remember his attitudes: he was always right, nothing he thought of had ever been thought of before, he was the richest, smartest, trendiest, most “on-top-of-it” dude that ever hit the face of the planet, and GAWD HELP YOU if you EVER got in his way.

needless to say, the “job” didn’t last long. it started with him demonstrating how generous he was, by buying me a disk caddy, so that i would have somewhere to keep all of the disks i was going to accumulate working for him. then he started asking me about computers. at the time, i was NOT a “computer geek”, nor did i want to be one (my father was one of the original “computer geeks” and i DID NOT want to be like my father), but i knew about computers because i had been working as a typesetter for a few years. he asked me what i didn’t know about computers, and one of the first things out of my mouth was “databases”, so he signed me up for a week of training with “FileMaker”…

what i learned was a bunch of recycled stuff from my already ample knowledge of microslut word and excel, with a bunch of “hypercard-like” stuff which i sort of vaguely understood (but nobody i knew used hypercard for anything, so i never really knew what i had missed until years later), and, at the same time i was doing this training, i was helping this… guy… clean out his house, because he was going through a divorce, or some awful shit like that, and he, basically, had to move EVERYTHING that was “his”, out of one house and into another, that was a few houses down the street…

which is where i learned that his “rich” persona was heavily financed by several HUNDRED overdrawn credit cards — he had been using one credit card to pay off another credit card, and when he ran out of credit cards, he would just start up a new one, and use it to pay off the previous ones… FOR YEARS… — at which point i decided that working for this guy might not be such a good idea, if i wanted to get paid.

quite apart from the fact that working for him was REALLY annoying…

so, ultimately, i spent a week learning really complex software that i never got to use for anything, and that was it, until i got my job at software.com, testing email servers, in 2001.

and, for all of my work with databases at software.com/openwave, i still don’t have a really solid grasp of what they are… where they “live”, what they do, how they work… anything… all i know is that, under the right set of circumstances, you can give “commands” to a database, and it will perform certain functions with a variety of different “objects”, the outcomes of which can be used in a multitude of different ways, depending on what is contained in your database.

i get the impression that databases are a lot like the world wide web, in that they both have a lot of objects (web sites) that are linked together in a somewhat-haphazard, but definitely organised way.

so, you can imagine that it was something of a surprise when, the other morning, i woke up, checked my email, and discovered two somewhat alarming notices. the first was warning me that i had used up 90% of my disk space on my server, and the other was warning me that a “table” on my main database was malfunctioning… or something… and collecting 251 GB worth of data… which, somehow, was NOT showing up in my cPanel, which says “Disk Usage 18.43 GB / 292.97 GB”…

and, of course, it happened on a sunday, when nobody’s in the office, and on mothers day, when even fewer people are in the office, and during a PANDEMIC… 😒

so, first thing this morning, after waking up to a broken heat pump, and a wife who wrenched her back, i wrote to my web designer, who said, oh yeah, we’ve seen this kind of thing before, it’ll cost between $200 and $500 to fix it…

and I DON’T EVEN KNOW WHAT’S WRONG… 😖

new regex stuff!

logical operators! thanks ian! 😉

+ () [] - |

(stuff that remains the same)+(stuff that changes) – otherwise known as “capture groups”

[89] = 8 or 9

[0-4] = 0, 1, 2, 3, or 4

| = logical OR

so…

\D(85\.157\.47\.)+(12[89]|1[3-9][0-9]|2[0-4][0-9]|25[0-5])\D

means “capture everything in 85.157.47.128/25”

which, up until now, has meant “make a separate rule for every IP address between 85.157.47.128 and 85.157.47.255” — 128 SEPARATE RULES, which takes A LONG time, and slows down processing speed.

this is a BIG step forward!

WOO!!! 😎👍

ETA 200205: even more WOO!!! because ian directed me to a RegEx Numeric Range Generator, which means that i don’t have to figure them all out myself! WOO!!! 😎👍