Tech Ravings

I want to shout out Mouseclone for letting me know there was a problem with this site. I was contacted on Friday about an alert that was raised to him that I had a possible iframe hijack on my site. Not really knowing what he was talking about I quickly scanned my source code for the exact iframe source that he provided. Not finding anything I dismissed it as many users of SocialSpark visit me and he possibly confused me with someone else.

 I did find today that in fact a database injection had been done and the iframe was there. My mistake was that I only hit the home page and the iframe was on the previous page. The iframe source refers to 61.155.8.157 and after some examination of the obfuscated JavaScript, redirections were discovered. I’ve contacted the server abuse department and will follow up if these people are not shut-down.

Welcome to the interwebs. This is the second time I have been hijacked in the same way. This is a new theme that I have gone through and can not find malicious php code, and since it’s in the admin section I can only assume that it’s a Wordpress security problem. This however is the second time I’ve found hijacked stuff in my database!

While I have gone through every line of code in both this theme and the access logs for this site I can not find how this is happening. Which make me very cranky as it’s happening.

My apologies to anyone who has gotten alerts. Systems are in place to track and prevent these from happening anymore. I hate Wordpress 2.5 (I just set up a site using it) but if it’s a 2.3 problem I’ll have to upgrade.

I hate to use the old cliche “I’ve been to busy” to write, especially since I used that several months ago, but it’s a correct assessment of what’s been going on. Even as I write this I feel extremely guilty for taking the time away from Zookoda and SocialSpark.

Literally two months up to PostieCon we worked 12 to 16 hour day, even on weekends. Just before PostieCon however a major crisis happened to Zookoda that required immediate attention. At the time we didn’t have a ColdFusion developer to handle the situations. Being that I had worked a little with ColdFusion years before I volunteered to look at the problem.

Well a “problem” turned into problems so my typical day since PostieCon has been wake at 3:00am and work on Zookoda till 9:00 am. 9 to 6pm is SocialSpark with 6:00 pm to 9:00 pm. It’s a tough day, but in the 2 months that I’ve worked on Zookoda it’s stabilizing. Come the third week of January time should really open up.

So if you’re checking in I appriciate it, however have no updates on cakePHP at the moment. Other than it was shot down as an alternative to Ruby On Rails for building the smaller ancilary sites for IZEA. It really is a shame that some people don’t view PHP as an object oriented language due to the sloppy programming of others. On the other hand the decision to go with Python for the back end work is something I am eager to work with.

So here it is four (five?) months later when we really ramped up building SocialSpark and when the time requirements dropped after PostieCon I kept it going with SocialSpark and Zookoda. All I can think of at the moment is “Two great tastes that don’t go together.” It’s all good though as both are worth it.

So if I don’t get the opportunity to post again for the remainder of this year I wish you a safe and happy holidays! As my new years resolution I promise to post more, especially about JavaScript. Of which I had actually started to write a booklette on the subject but…

Happy Holidays.

Ever had one of those weeks where you’re riding high one day then buzzkill the next? I’ve had another one this week and I thought I might share it with you for your enjoyment. I guess you can really call it what you want but really let’s face it this is the internet so as developers we can expect these roller coaster rides, but even the old saying of a “New York Minute” now seems like days.

Last Saturday (November 10, 2007) Social Spark is announced! As a reader you have no idea how much emotion went into that announcement from Ted Murphy and Peter Wright as well as the rest of the PayPerPost employees as a whole. I intentionally never made posts on the progress of the development of the system because A) I really didn’t know what I could say, B) Things were changing and what I said then may not be there tomorrow.

Because I got to go to Las Vegas for the “un-veiling” of Social Spark my job there was to assist new registrants during the session. During the un-veiling I had the opportunity to be the outsider and see Ted and Pete give the presentation, view the live chat going on via meebo, and the final standing ovation from both posties and advertisers at the conclusion.

Last Sunday (November 11, 2007) If you know me personally then you could say that even though I may gamble with my life (rock climbing, bungee jumping, paintball, and anything for adrenaline rush) I’m not the type to gamble with money. So against a compatriots insistence I did gamble in Las Vegas. Not only was I able to pay him back in full I had some left over to enjoy the rest of the day.

OK so the rest of the week was the anti-climax. Plane left at 10:45 pm mountain time and I didn’t get a lick of sleep on the plane and arrived several hours later only to go to work. Luckily we got to knock off at noon EST. Up until yesterday (November 15, 2007) everything was going fine. Just getting ramped up on what needed to happen to Social Spark in the up coming days, and my continued development of ZooKoda.

Yesterday (November 15, 2007) I awoke at the usual time of 3:00 a.m. and worked on ZooKoda as usual. At 7:30 I arrived at Pete’s house all cherry eyed and hoping that he was finally the same. Unfortunately that was not the case. He informed me that Google has launched a seemingly attack on all PayPerPost bloggers.Wow was this a shock to me! I mean Google has been de-valuing “advertising sites” for a while with minor penalties but come on several days after the announcement of Social Spark and the announcement of RealRank then BOOM Google seems to act?

I waited in anticipation for the next hour and fifteen minutes to get to work. Yeah, the commute stinks. I immediately booted up and went here to Tech Ravings and wouldn’t you know it I was zeroed as well. I don’t blog for money, hell that’s against my contract! Sure if you read the full post I have (had) AdSense advertising so why pick on me?

Yesterday (November 15, 2007, 9:00 a.m EST) OK so Google zeroed a bunch of bloggers let’s find out why. Being relatively benign in this situation as I don’t run sponsored posts and really only hope that someone clicks the donate button I should have been relatively safe, but got zeroed anyhow. So playing the optimist in this who else could Google be targeting?

Using Google’s own search engine on I.E. 7 and with the Google Tool Bar installed I checked random blogs and sites that made announcements. Under no circumstances did I even pretend to evaluate the blogs within the Izea system, in fact I used used such Google queries as blog+mybloglog, blog+blogrush, blog+25b, etc. Here’s what I found.

Yes PayPerPost got hit. I did find many blogs that still had Page Rank but overall any bloggers that mentioned or had any code installed from use got zeroed. But that’s not the only confusing part. It also became quite apparent that only site that had the BlogRush widget (not the mention) also appeared to be hit as well. I searched dozens of websites that mentioned Blog Rush and they were fine. Yet it was funny that when I found a website that had a blog rush widget they didn’t fair so well. Even with years of posts they shouldn’t have low rankings.

Today(November 16, 2007, 4:45 a.m. EST) I came in early at 4:00 a.m. to get some needed work done on ZooKoda. As usual I was sitting in the office in complete darkness with only the soft glow of the monitor lighting my area. About this time at 4:45 I heard the office door open and close. No big deal really it’s an office after all so it could be one of the sales people collecting something before leaving, Ted, anyone really.

Five minutes later I see a flashlight come around the corner to my right and a second later the police officer holding it. I jumped quickly and the officer jumped as well, neither of us expecting this surprise. Quickly then another officer came around the corner hand on holster. After a short burst of questioning as to what I was doing here it was told that the building had been broken into and a sweep for the intruders was being done.

Today(November 16, 2007, 9:00 p.m. EST) So here it is really one week later. At this time last week my guts were torn up wondering, did I deliver everything that I could or should I be looking for a new job. Last Saturday told me that I was absolutely on the right track with Izea and that I had finally found a place to call home! I did my best with the rapid development of Social Spark even though some of the team member clearly had a better handle on the Ruby On Rails portion. However my role was more of the Java, ActionScript, and JavaScript.

So let’s get to the conclusion then; it’s late and I have to be up in a while to work on ZooKoda stuff. I truly honestly believe that Google has become a big headed monster drunk by it’s own power. A lot of good things and bad things has happened over the past week. This whole Google ploy really has me steamed as it really become apparent that they are protecting their self interests while trying to monopolize the share of search engine placement. 

All I know is that I work for PayPerPost, Izea, ZooKoda, SocialSpark, RssBrief and if Google or anyone else wants to bicker with that then fine. For note there is still a lot more work to be done to Social Spark and a lot more good things are coming. Hopefully not so much a roller coaster ride as this week.