(Fr)Hacking Bastards

5 comments

A few weeks ago, I started my working day to discover that two of my sites had been blacklisted by Google, and all of them were redirecting to some ’orrible malware site. Some charming person (it could be anyone from a spotty fifteen-year-old script-kiddy to a big organised operation in Eastern Europe or the Philippines) had seen fit to hack into my server in the US and insert malicious code into my html files.

Congratulations boys. The entire audience of some totally obscure, tiny fan sites could be yours!

Why bother? Yes, I must admit the thought went through my head a few times as I laboriously re-uploaded all the files in all my ten websites, changed all my passwords several times, and went through the painful process of uploading two installations of Bulletin Board software. As did a little imaginary bullet through the head of an imaginary hacker.

It’s incredible isn’t it? No matter how much effort you go into building a snowman, some twerp comes along and kicks it down.

Anyway, I missed a couple of files the first time around and had to go through the whole process again a few days ago, at which point my brain began to leak out my ears and the top of my head explode. Thankfully, my host in the States, Dreamhost, were helpful as always, and this time—fingers crossed—all the sneaky code snippets have been removed. Of course both times I had to go yet through another process to get Google to reassess the sites and take down their warning signs.

So, if I you host any websites, allow me to give you a bit of advice. Number one, use SFTP instead of FTP when uploading files to your server. The latter sends unencrypted code (with helpful pointers like ‘username’ and ‘password’ included) across the netwaves, and can be intercepted, as I so annoyingly found out. The former sends it encrypted. It should be as simple as selecting an option from a drop-down in your FTP client.

Number two, update all your software installations—WordPress, phpBB, whatever. Make sure you have the latest versions, which should have the best security. Get rid of outdated plugins and update the ones you do use.

Number three, change all your passwords and make them harder. Mine had got far too simple over the years, and I was repeating myself. You may have to use some kind of ‘one password’ solution, and you may never actually remember any of them again, but don’t use single, actual words, and throw in some numerals and possibly symbols.

While you’re doing all this, backup all your files so you have clean versions in case anything goes wrong. Hopefully, you will now avoid having to go through the tedious time-wasting rigmarole I’ve been subjected to.

Unbelievable isn’t it? Modern life is making code-monkeys of us all.


Greetings from the Hollow

4 comments

Xmas 2010

A very merry xmas to all those who stumble across this site in their travels; may happiness and good health await you at every turning. Headless Hollow has now existed for some five and a half years—a lifetime on the internet. I will vow, as ever, to update this site more often next year!


What tha-

2 comments

Bear with me folks, I’m finally converting my blog to WordPress. It may be a little messy around here for a while.


I’ve Had It With Movable Type

3 comments

Warning: geeky programming content follows!

This blog started on Blogger, then moved to Movable Type, and now, with the release of MT4, it’s time to move again. I’ve had it with Movable Type. In this day and age of visual communication, Movable Type persists in being the most complex and user-unfriendly content management system I have yet to come across. It may be venerable, it may be powerful, but the company can’t seem to get a decent set of tutorials together, leaving 90% designer/10% programmer types like me floundering in an ocean of wikis, messy documentation, and articles that assume so much knowledge on the part of the reader that it’s virtually impossible to get anywhere.

In start contrast, there’s Expression Engine. I’ve only just started going through the tutorials and already it’s starting to make perfect sense.

Take note companies–if you’re trying to sell to the public, then you have to put as much effort into communicating to them how to use the product as you put into your product itself. MT may be the best content management system in the world, but if I can’t find clear, easy-to-understand documentation on how to use it, how will I ever know?
Things may get a little messy round here as I change it all around to the new system. Bear with me readers!


New Masthead. Geddit?

3 comments

Ships–pirates–masts! Brilliant!
A revamp to the masthead to brighten up the front page a little. Bought a great Dover clip book/CD-ROM of pirate imagery and this wonderful illustration by Howard Pyle (1853-1911), an American illustrator, just cried out to introduce my site–“So the Treasure Was Divided”, 1905, Harper’s Monthly.

Yeah, I know the quote is from Ben Hur. Somehow it all works for me.


Ahhh-choo!

Comments Off on Ahhh-choo!

Hmm, it’s getting a bit dusty around here. Looks like I’ve been working too hard again and neglecting the place. I must get the cleaners in.

Oh, by the way, sorry the comment links have disappeared off the Diversion posts. Some bizarre technical glitch I haven’t been able to fix yet. I’ll get them back as soon as I can. In the meantime, if you really have something important to say about a Diversions link, click the Archives button at the end of the list. Thanks.


Sorry for the Silence …

2 comments

Still here folks, just moved into our new house/studio, unpacking boxes, getting the ADSL up and running, shifting large heavy objects … back soon!


Get diverted—then talk about it

1 comment

A friend of mine has always wanted me to add the ability to make comments on items in my Diversions list—well Mr Miller, I had an idle moment late at night and now you have your wish. Bear with me while I fine tune the templates that go with this deceptively complex addition to the Hollow. No doubt I have now opened the floodgates to spam galore!

PS Click the little little number link to view or add comments.

PPS By the way, this is as good a place as any to reveal there’s little personal effort involved in snaring these online diversionary nuggets. They’re supplied by friends, stolen from blogs often more interesting than mine (eg Boing Boing) and occasionally stumbled upon by yours truly. But you knew that, didn’t you?


All Quiet on the Headless Front

4 comments

Yes, well, it’s all about work at the moment isn’t it? Sorry about the silence around here. But when you’re simultaneously doing four websites, one packaging job, a corporate identity, some Flash banners and any number of other bits and pieces, there isn’t much time to squeeze in blogging. Not to mention the fact you’re not doing anything interesting enough to talk about.

Still, I can’t complain about the amount of work Universal Head has been getting lately. I’ve just forgotten what it’s like to take one of those holidays where you actually have the time to completely get out of work mode … sigh. In a few months maybe.

In the meantime, I’ll keep the Diversions column changing, even if this main column may be a little maudlin for a week or two. Right, Head down …


It’s good to be back

5 comments

After a horrifying week and a half on dial-up, I’m finally back on broadband. It’s interesting to experience how geared the web—and my business—is to broadband these days. Working on a 56K modem was like crawling through a vat of molasses. Anyway, for those of you looking for a good service provider in Australia, I can tell you my experience with iiNet has been excellent. They were fast, efficient and friendly, and the support people were great. Since they’re taking care of my phone line too, I can potentially reach download speeds of up to 12,000kbps! (Already, at 1,500, it’s faster than any connection I’ve had before.) Rockin’ good news!


« Older Entries

Page 1 of 212