Press "Enter" to skip to content

Posts tagged as “Webworks”

[twenty twenty-four day one five one]: traveling to con carolinas

centaur 0

Long day packing, driving, arriving, and taking care of stuff, so, no real post for you, will post my schedule tomorrow.

Also, uploading images are still borken, so please enjoy the following blast from the past (my steampunk bookshelf from my old library) while I work on replacing my hosting provider (since there seems no way to increase storage as a stopgap).

Blogging every day.

-the Centaur

P.S. Posting "drawing every day" is on hiatus until I fix the images, but by my count I'm up to day one five two (one day ahead of today). I'll keep noting that as a postscript on the blogging every day posts.

P.P.S. Apparently I was real clever and posted my blogging for Wednesday late, late Tuesday night (in the Wednesday AM) so technically this is the Thursday post, but, whatevz.

[twenty twenty-four day one four eight]: red herrings

centaur 0

Okay, it's not a red herring, it's a grapefruit, but I am able to upload images to the site again. It appears that when my hosting provider said I had "15 gigabytes free" what they actually meant was "0 bytes free". So I spent an inordinate amount of time trying to fix permissions on the directories when the real problem was that I was out of disk space (which causes the same error).

I already knew I needed to change hosting providers. I guess it's time.

-the Centaur

Pictured: Not a red herring, which I don't eat for breakfast anyway.

[twenty twenty-four day one one five]: prioritizing wordcount

centaur 0

Way behind on word count, please enjoy this picture of sushi at One Flew South in the Atlanta airport.

Lots of work to do, not much time left to do it.

-the Centaur

P.S. Oh good grief! This blogpost is having trouble uploading its images, so I'm rabbit-holing on trying to post a simple update, instead of typing words! AAA! Turns out the problem was the wi-fi in this Barnes and Noble Cafe, which allows me to download gobs and gobs of images, but chokes when uploading even relatively small files. I have seen this before at internet cafes and I can't quite tell why that is happening.

[twenty twenty-four day eighty-two]: your abstractions are leaking

centaur 0

SO! My Facebook AND my credit card were both hacked within the last few months, so I was understandably freaked when I logged into the Library the other day and got a security warning. This SSL warning sometimes shows up when your network configuration changes - or when someone is trying to hack you - so I got off the conference network and used my phone's mobile hotspot. Unfortunately both the Library's WordPress control panel AND the main page showed the error, and I got a sinking feeling. Credit card got hacked a few months back, remember? And when I checked the certificate ... it had just expired.

Assuming that whatever service I use for SSL had expired due to that credit card issue, I tried to track it down in the WordPress control panel, but pretty quickly decided that digging through notes, credit cards and passwords in a public conference hall was one lapse in opsec too far. Later that night, I tried resolving the SSL issue, but found that something was wrong with the configuration and it couldn't update itself. Exhausted after a long day at the convention, I decided to get up early and attack the problem fresh.

The next morning, I found I had apparently set up WordPress to use an SSL tool which didn't play nice with my hosting provider. (I'm being deliberately vague as y'all don't need to know all the details of how my website is set up). Working through the tool's wizard didn't help, but their documentation suggested that I probably needed to go straight to the provider, which I did. After digging through those control panels, I finally found the SSL configuration ... which was properly set up, and paid through 2025.

WAT?

I re-logged into the control panel. No SSL warning. I re-opened the website. No SSL warning. I doublechecked on both another browser and another device. Both listed the site as secure.

As best as I can figure, yesterday afternoon, I hit the website in the tiny sliver of time between the old certificate expiring and the new one being installed. If I was running such a system, I'd have installed it an hour early to prevent such overlaps, but perhaps there's a technical or business reason not to do that.

Regardless, the implementation details of the "website is secure" abstraction had leaked. This is a pervasive but deceptively uncommon problem in all software development. Outside the laws of physics proper, there are no true abstractions in reality - and our notions of those laws are themselves approximations, as we found out with Einstein's tweaks to Newton's gravity - so even those laws leak.

Even a supposedly universal law, like the second law of thermodynamics that Isaac Asimov was fond of going on about, is actually far subtler than it first looks, and actually it's even subtler than that, and no wait, it's even subtler than that. Perhaps the only truly universal law is Murphy's - or mathematical ones.

Which brings us to the abstractions we have in software. In one sense, they're an attempt to overcome the universal growth of entropy, in which case they're doomed to ultimately fail; and they create that order with a set of rules which must be either incomplete or incorrect according to Godel's Incompleteness Theorem, which means they'll ultimately either fall short or get it wrong.

When developing and maintaining software - or deploying it and managing it in production - we always need to be on the lookout for leaky abstractions. We may think the system we're working with is actually obeying a set of rules, but at any time those rules may fail us - sometimes spectacularly, as in when my backup hard drive and internet gateway were struck by lightning, and sometimes almost invisibly, as in when a computer gets in a cruftly state with never-before-seen symptoms that cannot be debugged and can only be dismissed by a restart.

So my whole debugging of the SSL certificate today and yesterday was an attempt to plug a leak in an abstraction, a leak of errors that created the APPEARANCE of a long-term failure, but which was ACTUALLY a transient blip as an expired certificate was swapped out for its valid replacement.

What's particularly hard about leaky abstractions, transient failures and heisenbugs is that they train us into expecting that voodoo will work - and consciously trying to avoid the voodoo doesn't work either. On almost every Macintosh laptop I've used that has had wireless networking, it can take anywhere from a few seconds to a minute for a laptop to join a network - but once, I had the unpleasant experience of watching a senior Google leader flail for several minutes trying to get onto the network when I had to loan him my laptop to present in a meeting, as he kept switching from network to network because he was convinced that "if the network we're trying to join is working, it should immediately connect." Well, no, that would be nice, but you're sending bits over the fucking air like it was a wire, and connection failures are common. This was a decade and a half ago, but as I recall I eventually convinced him - or he got frustrated enough - to stop for a moment, after which the laptop finally had a chance to authenticate and join the network.

Debugging software problems requires patience, perseverance - but also impatience, and a willingess to give up. You need to dig into systems to find the root cause, or just try things two or three times, or turn the damn thing off and on again - or, sometimes, to come back tomorrow, when it's mysteriously fixed.

-the Centaur

Pictured: a blurry shot of downtown San Francisco, where the abstraction of taking a photo is leaking because of camera movement, and the same intersection, with less leakage from motion.

[eighty-seven] minus one-two-one: can i help? i think i can help

centaur 0

So, in case you don't own this cat, the little brow-furrowed face Loki is currently making is his "I really want your food but you're not letting me eat it, so I'm going to sit just at arms length and fume" face. He thinks if he waits long enough, he'll be able to sneak in and try some. My long arm thinks otherwise.

Anyhoo, while I said I wanted to put blogging at the first of the day to make sure it got done, it turns out that I was way more interested in making sure that I didn't fall grievously behind on my Camp Nano project, Dakota Frost #7, SPIRAL NEEDLE, nor miss any of my other responsibilities.

I'm mostly caught up now, so I'm trying to put blogging back on the queue. Interestingly enough, after my rant about blocks, the WordPress folks have reached out to talk to me about blocks. Talk about customer service! So I'm also blogging trying to replicate the bugs I observed the other day that set me off.

So far, I cannot replicate the cut-and-paste error, where trying to select all the text only copied part of it - it is entirely possible that the system had just gotten into a cruftly state, which can happen to any program of sufficient complexity.

I can, however, replicate the cut-and-paste problem I had, where trying to re-order sentences introduced new paragraph breaks in a way that's not standard for Word, Google Docs, or TextEdit. This is probably most directly attributable to the text being in blocks, but it might be fixable.

I also reproduced the "Where's Waldo" interface issue where I could not easily inject new blocks - though now I see that can be fixed with a carriage return followed by a slash, which is documented in the interface, it is also possible that at the time something was just wrong with my editor.

I also debugged the problem I had with the interface. In TextEdit, Word and Google Docs, the first line of your document is the first line of your document. In WordPress, it is invisibly a title, as opposed to the Classic Editor which distinguishes this with a different text entry box. This is also probably fixable.

But there are other strange errors. Like, the sidebar that let you change the properties of the post are normally present when I blog, but had disappeared when I started this post. Weirdly, not even the button to show them was present - I had to toggle several other buttons and then it appeared, just where I remembered it. Not sure what's going on there. Since I restarted my computer recently and re-logged into WordPress, perhaps this is a "sticky" setting that went away when I cycled my browser. Still investigating.

-the Centaur

Pictured: Loki, trying to help me study generative AI.

[eighty-nine] minus one-oh-six: i don’t know they’re literally incompetent …

centaur 0

This is your daily reminder that the Gutenberg editor of WordPress is a dumpster fire. I don't know that the people who made it are literally incompetent as far as technical coding goes: the bones of the program seem to be a well-functioning machine that rarely breaks down.

But Gutenberg is incompetent as a text editor, and whoever designed it was literally incompetent in terms of the "blocks" based design that they chose to push on all of us, because the "blocks" editor literally does not work as a text editor: basic things like selecting text, cutting it, and pasting in into a new place don't work, because the "blocks" break up your text selections and prevent you from maneuvering in the document.

Microsoft Word doesn't have this problem. Google Docs doesn't have this problem. Overleaf doesn't have this problem. Dropbox Paper does, a little, and it shares the incorrect (and I will fight you on that) "Where's Waldo" style interface which hides the text editor controls when you're not hovering over them, making them undiscoverable - perhaps Dropbox was also infected by "user experience."

But most damningly, the Classic Wordpress editor didn't have this problem. They had something that wasn't broke, and they didn't fix it with the incompetent thing they replaced it with, but they were so committed to forcing everyone to use their new thing, they broke the old one. (This is your daily reminder that using Classic Editor in modern WordPress destroys the formatting of the posts).

And I want to point out: the person who did this, Matt Mullenweg, did this to us on purpose:

We Called it Gutenberg for a Reason

It moves the WordPress ecosystem forward, but it also moves the whole web forward. Which is scary! Because change always is, and this is a big one. But a scary thing is usually a thing that leads to growth, if you can push through it. ... apathy would worry me a lot more than disagreement or controversy. Creating great software will never make every person happy. 

So, in case you have trouble parsing this ... Matt and his team wanted to push a technical change which benefited their "ecosystem" - likely, just some internals of their system that they wanted to clean up, which would make it easier to implement features no-one wanted - and they started with a mindset that interpreted their failures as user unhappiness and software problems as complaints, which people needed to just power through so they could get to their new world order.

Matt, you took something that worked and broke it, and replaced it with something which will literally never work. Text editing is not block editing, and it's never going to be. It's a serial string of tokens that encodes a proxy of speech, and if you try to impose blocks on it, your editor will fail, as yours failed me today.

I was working on a post. One not much more complicated than this one. But simply cutting and pasting text was something that the Gutenberg editor failed miserably at, and I was not able to successful edit my text. Even copying it out to Word took several tries, because not only did Gutenberg make it hard to select all the blocks, it did not even copy the text out of all the blocks, so I had to do it piecemeal.

I don't actually want to give up on Gutenberg becoming better. But I strongly feel the only way to successfully fix the interface it is to thow away the key metaphor behind it - the block. That's fine as a backbone behind the text which WordPress uses for rendering - but a text editor should manipulate text.

-the Centaur

Pictured: some nice flowers which the previous owners planted near a corner.

[eighty-six] minus one oh four: the nonsense continues

centaur 0

Above you can see the latest nonsense: today this is what the "new" Gutenberg editor on WordPress started showing me when I start trying to write a post. There are no text controls, the place to write is tiny, and most of the page is taken up by a "Featured Video" section that I have never seen before and never use.

I haven't updated WordPress recently. I've never, that I can recall, used the Featured Videos feature, and certainly haven't done so in the past ten or so posts. Yet the editor appears in this mode, even if I refresh the page to get a clean view. I just want to edit a document! Why is this interface doing everything but that?!

For clarity, below you can see the normal view I get when creating a post: a place to type text, along with text controls, with the video editor present only as collapsed bar (not visible in the normal view, but it's still there, way down on the bottom of the page).

Back in the old days, the industry promoted standards for keyboard shortcuts in menus so they would be easy and consistent to use - but early in the history of the Macintosh, Apple failed to deliver these in a point update, and started pushing the idea that we didn't need keyboard shortcuts, just the mouse. It's now even hard to find information on these standards, much less the articles that documented how they disintegrated - it's like these articles got scrubbed from the web, but it's more likely the original sites are gone, and any few that remain are now lost in a deluge of helpdesk articles on keyboard shortcuts.

Back in the old days, the industry promoted borders for windows to resize them, visible scrollbars to do things, and buttons with tooltips - but then a flood of print design people flooded software development after the introduction of the web, and the so-called "clean" look of print began to be applied to our tools. Nowadays, to resize a window you have to aim for its literally zero-pixel-wide edge, you need to dig in the settings to make toolbars appear, and finding the controls in an interface is a game of Where's Waldo, except Waldo is invisible most of the time, and sometimes moves around the screen to avoid your mouse.

These things aren't happening because software creators are trying to make their software usable: they're happening because they want to feel good about how it looks. Let's stop trying to make "user experience" happen: it's the wrong direction for software tools that people use, which requires a focus on usability.

The first test of your software is whether people can use it.

Usability is king, and only usability is usability.

-the Centaur

Pictured: The Gutenberg editor, which decided to start today in a mode I've never seen before. :-/

[eighty-five] minus one-oh-four: what even IS that?

centaur 0

Recently on Twitter I said everything's going to hell in a handbasket on the Web. Let me show you ...

Oh, wait, I can't show you, because WordPress's Gutenberg is not letting me paste a link. More properly, it's turning the link into a Twitter embedding. Now, that looks nice, and it seems like a nice feature, but I didn't want that, because Twitter is increasingly erratic, and I am afraid the Twitter embedding feature will go away when Elon Muskhead gets tired of suing people over his own stupid mistakes and starts mucking with the code again. So I just wanted to paste a link, and then the text, myself.

But I had to "hack" the interface to do it, first posting a different link, which I then edited to point to Twitter. Does that seem right to you? That's one thing that inspired my post. Let's try again to see it:

https://twitter.com/xenotaur/status/1677735989249298441

Anthony Francis @xenotaur
The Web feels like it is disintegrating. Popup ads everywhere, train wrecks at Twitter and Reddit, Threads is just mobile, sponsored results on Google, fake reviews on Amazon.

And here I am watching my 1,000 curated RSS feeds slowly vanishing, going "This is fine…" #ThisIsFine

ttps://twitter.com/xenotaur/status/1677735989249298441

Part of the problem is what Cory Doctorow calls the "enshittification" of the Web: first companies are nice to users and attract them; when they have users they screw them over for their business customers; and then they screw business users overs as they start to chase advertisers, eventually driving the users away.

I think that's right, but it's more than that: people lose sight of what the Web actually is. Web 1.0 is a place to share documents; Web 2.0 is a place where you can create them online. We've had ads and subscriptions in this place since their earliest days, and I don't mind them - I put "banner ads" on my early website to advertise people whose blogs and books I liked, for free, just to publicize them.

But losing sight of the purpose - turning editors into viewers, or documents into ads streams - means the reason people were here, to consume and create content, can no longer be accomplished. And that's going to ultimately kill the great grift that is modern Web advertising - but let's not kill the Web too!

As an on-point example, I offer the Gutenberg editor, which constantly hides from you the widgets needed to transform a piece of text into, say, a pull quote, because it is incorrectly (and I will fight you on this) trying to make the page look like a piece of paper, instead of a craftsman's tool for producing text, with all the bells, whistles and knobs needed to make it format right, much less look good. Want something simpler? Fine, try Notepad. Don't inject your bad UI design into my editor, which, as I remind you, I am forced to use on my platform, which I never wanted to, because they broke the Classic Editor to push this idiocy.

It's not that the features aren't useful. It's that the entire philosophy of "UX" - user experience - is wrongheaded, and we need to go back to the more basic principles of software usability. Usability is not "modern", usability is not "clean", usability is not "design" - only usability is usability.

And so, if you take a tool that is designed to produce text ... and try to make it look like a view of text ... you will inevitably end up with something that is not usable. And if your philosophy tricks you into thinking that that is OK, your philosophy will drive you to make decisions which make the interface less and less usable.

And that would be the end of rant ... except I have a counterexample at the top of the page.

This is a page that recently appeared in my reading. I will take the clean, modern, well-designed Gutenberg editor any day over what modern web pages have become. Look at that above! What even IS that? What is it supposed to be? Where did my article go? What are these different blocks supposed to be advertising? They're so layered over each other you can't completely see any of them. "Choose great value" sounds like a line from a badly translated JRPG.

As best as I can determine, somehow I scrolled down to read the rest of the article, and it jumped to a join between articles on an "infinite scrolling" page. While some infinite scrolling pages are OK, most simply aren't. Especially a page for an article: you can't read the article anymore with infinite scroll. It doesn't stop, and if the next article has a similar topic, it can even seem like a new heading, making you wonder what the connection is, but giving an opportunity to sell ads - leading to what I think happened here.

So, while trying to read, and thus, scroll through this content - an article which claimed that Doctor Who's time travel was surprisingly accurate, which is more true than most people know - the page jumped to a join between articles in the infinite scroll. Because the page "jumped", all of this just popped into view; it wasn't clear that I scrolled, or that scrolling would get me out of it). The layout completely hides the articles above and below, and the jumble of popups fall over each other, leaving me no context of what to click on.

If you try to turn a document reader into an ads stream, you will fail at doing both.

I fear for the future. Because I love the Web ... and it's killing itself.

-the Centaur

Pictured: a screen shot of screenrant.com, of a broken article on the science of Doctor Who, correctly recommended to me by Google News, and completely garbled by ScreenRant's infinite scroll and jumbled ad presentation, leaving me unsure of what, if anything, to do other than ... just close the page.

(Actually, I reloaded it from scratch, selected the text of the article, and printed it for later reading. I don't care if there's an ad on the page or not; that's fine. I just demand to be able to read the darn thing.)

[forty-two!] minus nineteen: well, at least i have a system now

centaur 0

Recently, when digging through old posts, I was reminded that Classic Editor posts are broken in WordPress - all the paragraph breaks are gone, and the content is mashed up into one grey wall of text. Thanks, WordPress, for forcing everyone to switch to a worse editing experience AND breaking all our old content.

[hang on a second, i have to start clicking around at random places on the page to try to find the widget or control that will let me start typing again after inserting an image, because software USABILITY has been replaced by "user experience" folks from a graphic design background who have mistaken making things LOOK GOOD IF THEY HAD BEEN PRINTED for the very different ACTUALLY WORKING WELL AS A TOOL - I'm looking at you, WordPress Gutenberg, Dropbox Paper, and everything like you where you have to hover or click or click and select and hover random parts of the page to make it work. Okay, I can start typing again.]

[[ and yeah it just did it again while i was just fricking typing ]]

Ok we're back.

Ok?

Ok.

Anyhoo, I have like a thousand old posts (1371 published, according to the dashboard), but the block converter for fixing these no longer works. I wish I had discovered this problem earlier, but I just didn't expect to have to do blog archaeology when I moved to Gutenberg.

Regardless, however, I now have a system. I open the All Posts page on the WordPress dashboard, and scroll backwards in time until Classic Editor posts start showing up - nice that they provide that nudge to get us to use the new editor, isn't it. Once I find some Classic Editor posts, if you hover - AAAAARRRRRGH, don't mind me - I say, if you hover, you get the option to open with the Block Editor. FORTUNATELY, this is ACTUALLY a link and not a bizarre Javascript pseudo-button - Good WordPress, Good WordPress, have a cookie - and a right click will allow you to open this in a NEW WINDOW.

SO! I go down one entire page of results, opening them in a new window, until I've hit all the Classic Editor posts on that page. This creates a gazillion tabs, true, but then you can click on each tab in turn, and there's a simple three-click process which will activate the block editor, convert the old text, and - BAM! - update. Optionally, one more click will bring up the updated post so you can doublecheck it before closing the tab.

The process is laborious - but it's easy to get a whole page full of results at a time, and you can't easily lose your place, as you close your tabs as you go. I've gotten through 3 pages of results so far, each with 50 posts, so I've updated probably something north of 150 pages.

There are 25 more pages of posts to go, but it doesn't take more than 30 minutes, so I can do one a day for about a month and rescue all the old pages.

A lot of work ... but at least I now have a system.

-the Centaur

Pictured: The House With The Impressive Tree In The Front Yard, found in a nearby neighborhood, as photographed in Night Mode on my Android phone during a walk with my wife.

Ugh, WordPress updates edition …

centaur 0

... the block editor of Wordpress seems to be making my old non-block-editor posts turn into solid walls of text. See the post "Pascal's Wager and Purchasing Parsley":

Yeah, it's not supposed to be looking like that. Gotta track those down and fix them.

In other news, my Half-Cheetah policy is successfully training to "expected" levels of performance. Yay! I guess that means my code for the assignment is ... sorta correct? Time to clean it up and submit it.

-the Centaur

Site Updates Slowly Updating

centaur 0

I'm updating the site, which unfortunately means my beloved book banners need to change. The combo of banner, slider of featured posts, and sticky intro post meant the blog content was way, WAY below the fold, which I do not like (and is not recommended). I had plans to revamp the theme, but didn't find one that easily let me do what I want, and the best was becoming the enemy of the good.

So I fixed the glitch instead. I un-stuck the intro post and moved it into both the about sidebar and into the slider, and eliminated the banner, which now puts the recent content above the fold.

Hopefully this works for you. More updates will roll out as I think of them.

-the Centaur

Site and Life Maintenance

centaur 0
taurgarita

It's not that I've not been drawing every day. But my marriage is more important than drawing every day, and my job is more important than my posting every day, and just from the perspective of posting, while we're on that subject, site maintenance is more important than all of that, since I couldn't post.

However, taking a shotgun to all of my plugins (except the Classic Editor, which WordPress Gutenberg can pry out of my COLD DEAD HANDS) and running all available updates got the site back to life. Still not sure what precisely went wrong here, as the failure wasn't correlated with any detectable change.

SO anyway, drawing hasn't stopped, but posting of them will resume when I get the huge box of stereo wires detangled so the site is smooth again. Pictured: me, having a drink with my wife, spending a wonderful afternoon and evening together, most of which did NOT involve any form of drawing.

-the Centaur

UPDATE: The problem was the Jetpack plugin, and it persists even if the plugin is reinstalled from scratch. This has some precedent, as I see other users with the same problem, though I haven't dug deeply enough to understand what is going on in my case.

Days 189-192

centaur 0

Well, something weird happened with my blog which interfered with updates, so, boo, but nevertheless, it cleared up on its own despite my best debugging efforts, so ... yay? #nervous_laughter  And updates. First, here's a quick concept sketch from JEREMIAH WILLSTONE AND THE FLYING GARDENS OF VENUS of the antagonist character "the Parasolite" ... or, more properly, one of her bodies:

the parasolite concept sketch

The Parasolite prime interrogating Puck in her throne room. Looking at both of these, I'm not getting the length of the human leg correct; I need to work on body proportions as much as faces.

parasolite and puck

After a long day of writing Camp Nano (oh, I'm doing FLYING GARDENS OF VENUS for Camp Nano) I gave up and did this quick sketch of Brainyon, the brain-jar spider-boy shown earlier, drafted as a mercenary by our "Robert De Niro in Casino"-styled protagonist / antagonist:

brainyon again

Concept sketch for the Parasolite Prime.

parasolite prime

Drawing every day, even if I can't always post.

-the Centaur

Renovation in Process

centaur 0
So you may have noticed the blog theme and settings changing recently; that's because I'm trying to get some kind of slider or visual image above the fold. I love the look of the blog with the big banner image, but I'm concerned that people just won't scroll down to see what's in the blog if there's nothing on the first page which says what I do. So I'll be experimenting. Stay tuned! -the Centaur Pictured: Yeah, this isn't the only renovation going on.

The Eagle Has Landed

centaur 0

lunar-module.jpg

Welp, that was anticlimactic! Thanks, God, for a smooth update to WordPress 4.7.3! (And thanks to the WordPress team for maintaining backwards compatibility). And hey, look - the Library has close to 1,000 posts!

Screenshot 2017-03-21 12.35.50.png

Expect major site updates in the months to come, as WordPress’s Themes and Pages now enable me to do things I could only formerly do with static pages and hand-coded pages, and it will all be backed up easier thanks to WordPress’s Jetpack plugin.

The things you learn helping other people with their web sites ….

-the Centaur

We are go for launch …

centaur 0


Apollo_17_Night_Launch_-_GPN-2000-001150.jpg

Welp, it’s time: I’ve backed up the Library of Dresan three ways to Sunday, said a prayer … and now am planning to upgrade WordPress from 3.0.1-alpha-15359 to 4.7.3. I know that’s 1.7.2 full version numbers, but it’s been too long, and there are too many new features I need, so … time to press the button.

God, please help me! Everyone else, your prayers, please.

-the Centaur

Obfuscated

centaur 0

Screenshot 2016-03-05 15.03.58.png

Yeah, that goop someone injected into my Dakota Frost site doesn’t look suspicious at all.

(In case you’re not a programmer, healthy code doesn’t look like that. This code has been munged and rewritten so it’s almost impossible to see what it does. Not that I care - I just deleted it. But it makes it hard for someone who needs to debug it, in the cases where you need to debug it.)

Sheesh. Get off my lawn. Still cleaning things up. More in a bit.

-the Centaur

So it was a hacked .htaccess…

centaur 0

hacked-htaccess.png

So, the Dakota Frost site got hacked. May still be hacked, for all I know, because I just found and eliminated only one error, and I still haven’t found out how they got in. Of course, I changed all my passwords everywhere else first before logging into the site, confirming no-one had hacked the user accounts, and then downloading all the code for some forensics.

But what was peculiar was that, even though I could clearly see evidence of hackery thanks to the very nice, publicly available Webmaster tools at the Google, I could not see any difference between the live site and my previous backup except for the addition of the Akismet spam filter, which I’m pretty sure I did myself.

Then I found it, when I detected a strange file named kgcakmhg.php. Tracing it back, in the root of the HTML directory, someone had modified files back in February - first to point the .htaccess to a strange file named baccus-contextually.php, which called the weirdly named file and also relied on changes to the style directory. No changes to the blog code were necessary - everything was being rewritten before it got there.

Removing those files? Easy. Site’s back to normal … I guess. Closing the open barn door? Uh …harder. Since I don’t know which door they came through.

Off to do more debugging …

-the Centaur

So, dakotafrost.com has been hacked

centaur 0

20160304_185447.jpg

So, yeah. I’ve lost sites to hacks before - the wiki on dresan.net, which I barely used - but those were obvious. This one is a subtle hack, not immediately visible, detected by the supercomputers at the Google. Will take a bit of effort to work this one out.

You see disruption here, you know why.

Sigh.

-the Centaur

Testing a Time Delayed Post

centaur 0

conservancy.jpg \

Will be AFK for much of tomorrow, so I’m going to take a shot at having a post previously written come up automatically. Stay tuned …

-the Centaur