成功把 wordpress 從 2.3.x 升級到 2.8. 照著 官網上的說明 一步一步做, 過程不算輕鬆但也不困難.

或許是因為本來就很陽春, foundation theme 似乎完全沒有問題, 這下沒那麼急迫需要換 theme 了.

考慮換成 Pixel theme, 慢慢改裝中.

又被 hack 了, (上一次的紀錄) 這次的狀況跟 這邊 說的一樣. 準備升級至 Wordpress 2.8.

一直用的 foundation theme 早已是個孤兒沒有人維護, 換哪個 theme 才好呢?

Here it comes again, referer spam from Microsoft’s live search engine is back. It managed to bypass the mod_rewrite rules I got from The Art of Web the last time I was spammed.

New rules (again, from The Art of Web) were installed last night. So far, the log spamming seems to be stopped.

Huge thanks to people from The Art of Web for documenting this instance and updating their blocking method.

GION is a project I recently created as a part of my effort towards cleaning-up some of the not-so-pretty and strengthening exception safety of the project code base at work.

It’s released under one of the most permissive FOSS licenses I know of, MIT license, in hope, would help others to write better C++ more easily.

Feedback welcomed.

在幾個月前還沒確定落腳處時, 經過一個月左右的奔波面談, 幸運地拿到幾個 offer letter. 其中一個是玄力科技.

玄力是一間今年初剛創立的 startup 科技公司, 致力於研發利基型的創新資安產品. 我與玄力的幾位 key person 談過, 他們很 nice, 也都很有抱負很有想法. 其中的 founder 更是有在美國成功的 startup 經驗. 制度面上的設置是 startup 中少見的完善. 在台大育成中心的小辦公室裏面, 我看到了理想衝撞出來的火花, 只是有了老婆卻沒存款的我沒條件也沒膽量在這個時候再去 startup 拼一次.

你是想找個 fresh start 的 C++/Linux 人嗎? 可以去聊聊天, 說不定你也會喜歡玄力.

玄力徵才 on OSSF and 104.

這幾個禮拜從 COdE fr3@K 的 log 開始注意到有愈來愈多 “人” 被 search.live.com 經由 “jeffhung” 這個 keyword 導到我的站上.
(more…)

I received an email yesterday afternoon, informing me this blog has been hacked:

Regarding fsfoundry.org,

This email is not an April’s fools email and it has been sent to notify you that your blog’s version is old and needs to be updated ASAP as it was hacked.

While tracking some Viagra spammers I have come accross several links coming from your blog and, after testing it, it appears your blog is 2.1.* generation hence vulnerable to SQL injection blind-fishing attacks. Search Google to learn more. In a few words: spammers can take full control of your blog in a matter of minutes and deface it at will.

These attacks are as serious as they can get as the spammers have full access to your blog and add hidden HTML elements to mask their links.

You MUST update your blog to the latest official WordPress version and manually clean your last 5-10 posts of the parasite links which you will only see in HTML view.

Not doing so may attract severe search engine penalties as you are currently linking to sites with VERY bad reputation.

Hoping you will take required action,
A.S.S. (Anonymous Security Specialist)

PS: I got your email address from your Dashboard / Users Management Section. I have warned many during the past months regarding the vulnerable blogs, being a blogger myself, but it seems I haven’t warned everyone. Lateste WordPress is secure.

PPS: Your login name is XXXX and password hash is XXXXXXXXXXXXXXXXXX

(more…)

最近一些朋友在我這邊留言, 貼出來的結果常常不如預期. 我也是過來人, 很清楚他們雖然都是 programmer, 但其實對 HTML 並不熟悉. 就跟我一開始寫這個 blog 的時候一樣. 現在的我當然比以前好多了, 勉強還有一兩樣東西可以拿出來與其他人分享.
(more…)

SiteMeter 是一個提供幫助 web master 了解 viewer 瀏覽網站行為 服務的 provider. 有太多網站, 尤其是個人網站與部落格 (包括 COdE fr3@K) 使用他們的 free package.

大約幾周前, 除了原有的 SiteMeter, 我在站上另外加裝了 StatCounter (一個較少人使用, 提供類似服務的 provider). 今天有空看了StatCounter 的 一篇 blog, 才驚覺 SiteMeter 可能已經被 SpecificClick Network (一家專門側錄分析使用者在網上行為的公司) 收買. 雖然 StatCounter 沒有指名道姓, 但很容易就能猜到說的是 SiteMeter.

(more…)

今天晚上手癢, 把 permalink 上的 archives 字串拿掉, 以及最後面接著的 Post ID 換成 Post Slug. 也做了苦工把站內所有找到的連結一併更新.

這次的改變, 完全是因為個人理由, 將導致外部連結到站內 blog entry/category 等等失效, 也可能會產生其他沒預期到的問題, sorry.