E-Mail Scams Scram

Being a long-time “netizen” I probably deal with more spam, scam and virus e-mails than anyone else I know. Thanks to SpamAssassin and Thunderbird’s fantastic Bayesian filtering techniques I luckily only see about 5-10 of these messages per day in my inbox; the rest (at least 100 – 200 messages per day) are filtered through to my Junk folder and deleted.

Spam is one thing, but some of these damn scam e-mails are something much more diabolical. Now I’m not talking about the ridiculous Nigerian 411 scams that only work because of human greed… I’m talking about messages like:

Dear Matt [which just happens to be the first part of my e-mail address]
Yada Yada… this is notice to inform you that the credit card information that we have on file for your account will be expiring in the coming months, please log into our website and update your billing details. For your personal security, please type “https://www.ourcompany.com” into your web-browser’s location window or click the following link [evil_link]https://www.ourcompany.com[/evil_link].

Sincerely,
Real Name
Valid Company Inc.
http://www.ourcompany.com

Now being that long time experienced “netizen” I can spot these things (usually really quite easily because I use text-only e-mail)… and I know not to click on links in e-mails, period… but how am I supposed to explain that to unsuspecting friends, my father, etc? They look at me like I’m a nutzo paranoid crazy man if I tell them they can’t click links in e-mails at all, never ever, no matter what or who it’s from.

Here’s something that made me laugh today (again because of all my net-experience)… I received a virus e-mail that actually got me concerned (for a few seconds anyways). I actually called WorldPay before I did anything, just to confirm my suspicions and that this was in fact a hoax message. It is honestly the first time I’ve ever given any significant number of seconds thought to one of these messages; therefore, it’s a valid share and besides Google has nothing on this yet:

Hello

My name is Dave and I am from the Support of WorldPay.

We have received the payment order (ID 0220712,Receipt Date 09/07/2006) from you and we need to make a verification of the details you have filled in, as we have received a notice from your card service stating that there was a chargeback made by the owner of the card with which you have made the payment and that your level of authorization has been altered during your last transaction.

This is a very serious matter. We have deducted the amount of the chargeback, GBP 149.89, from your account and added our standard fee of GBP 24.00 as well (you can see your payment details in the attachment).

We have failed to contact you using the telephone number you have provided earlier, meeting no response.

As a precaution, we have limited access to your account in order to protect against future unauthorized transactions.Please understand that this is a security measure intended to help protect you and your personal information.

Please contact your credit card company to resolve this matter.

Best Regards,
Dave Gollick
shopper@uk.worldpay.com

Yes there was some poor grammar in the message and true there was no “Hello [firstname] [lastname]”, but I deal with card processing quite a bit and I actually know WorldPay and their services, plus there were no links off-message… It was enough to get me thinking anyways. Of course the major tip off was the attachment. Why the heck would WorldPay attach a .zip file of the unauthorized transaction? Either way, that quick call to WorldPay confirmed that indeed it was a hoax. Question solved.

I’m actually not sure where I was going with this blog entry now… I was just annoyed and thought it would be fun to share… so yeah, I’m leaving now.

Ugly Coding Standards Are Standard?

I just read through the manual on the much anticipated Zend Framework and for the most part, I really like the implementation. It is a collection of a number of classes I already use from around the net, which is fine by me. True, PHP is in dire need of a good framework that everyone can standardize on. Right? Yeah, well, I think so, but I’m not really sure… Isn’t that what Pear is? (as a friend reminded me this morning).

My major problem is their stupid coding standards; I honestly hardly agree with a single one of them… it actually makes me angry. Here are a few that I read through until I got so mad I just closed the damn manual website and did something else (wrote this angry blog post).

B.2.2. Indentation
Use an indent of 4 spaces, with no tabs.

I despise spaces in code… why hit the space bar 4 times when you could hit tab 1 time? So what, you have different editors with different default tab stops… who cares, it’s a preference. I refuse to use spaces.

B.2.3. Maximum Line Length
The target line length is 80 characters, i.e. developers should aim keep code as close to the 80-column boundary as is practical. However, longer lines are acceptable. The maximum length of any line of PHP code is 120 characters.

No way, not in a million years. I like long lines… sure, I may have to scroll horizontally to see some code, but it is a hell of a lot simpler to read if you’re looking at the whole file or a large chunk of code.

B.3.3. Filenames
Files that are containers for single classes are derived from the class names (see above) in the format “ZClassName.php”.

Whatever… this is silly. Have they ever used an FTP client before? Some clients by default change filenames to lowercase when they upload files… like they should be. As far as I’m concerned filenames on the net should be a-z 0-9 – _ . period. If everything is in lowercase you never have to worry about case-sensitive operating systems.

B.3.5. Variables
Variable names may only contain alphanumeric characters. Underscores are not permitted. Numbers are permitted in variable names but are discouraged.

Whatever… again, I use $variable_name and refuse to use $variableName… If you have the words “some string” does it make more sense to say someString or does it look more accurate to say some_string? My opinion is the latter. camelCaps is ugly in PHP code. I agree with their definition of Constants, but it leads to the question of… if underscores are permitted in constants, why not in variable names? If the answer is to clearly separate the two, then why shouldn’t variable names be all lowercase and constants be all upper case?

B.4.2.4. String Concatenation
Strings may be concatenated using the “.” operator. A space must always be added before and after the “.” operator to improve readability.

$whatever = "that is ".$tupid;

I just give up… I refuse to conform to that less-efficient “standard”. My own personal “standard” is almost the exact opposite of this Zend outline and in my opinion it is much nicer to read through and work from. I’m actually a Graphic Designer turned developer… my whole education and philosophy revolve around making things look good and stay functional… I personally think I’m qualified enough to say those standards stink.

Duhbya Says What?

After not blogging for a little while I couldn’t help myself today when I was reading an article on MarketWatch about US President George Bush allowing a company owned by his daddy’s big powerful friends, I mean, the United Arab Emirates to purchase six of the USA’s Seaports…

Congress “ought to look at the facts and understand the consequences of what they’re going to do,” Bush told reporters aboard Air Force One.

I’m not joking, that quote (according to the article) actually came from George W Bush… Wow, talk about the pot calling the kettle black. I couldn’t believe it! *laughing* Here’s a quote for you:

George Bush and Congress “ought to look at the facts and understand the consequences of what they’re going to do,” before invading foreign countries in illegal wars over oil and control, busting heads, blowing up villages, civilians and children.

On that note, I’m not even American and I installed this funny little Widget for Mac OS X called Duhbya’s Days Are Numbered which shows the days, hours, minutes and seconds left of Duhbya’s presidency. Maybe check it out if you’re a Mac user.

It Still Works?

I’m currently writing an informational article / how-to document for Queen’s Medical Students, instructing them on how they are able to use different calendaring applications to subscribe to our automatically generated lecture and events iCalendar (.ics) calendars on our server, and then sync this data with their portable devices. It’s a very sought after document because it recently became apparent to me that even though we are providing this feature, not nearly enough people actually know how to use and implement it.

I use a Mac (it’s no secret) so I take for granted that Apple provides me (free of charge) with an excellent calendaring solution (Apple iCal) capable of subscribing to remote iCalendar files and automatically updating them hourly; however Windows users, as always, receive the short end of the stick. Either way, I was researching Windows applications that are capable of supporting this feature and found a link to a page on Microsoft’s website titled “Works”.

Now I thought to myself “I really recognize that application name”, so I said it again to myself “Microsoft Works”… it all came back to me *whoosh* Windows 3.1 for Work Groups, Windows 95, Microsoft Publisher… haha, I couldn’t believe it. Microsoft still makes Microsoft Works and not only do they still make it, but they still develop it, still support it, still sell it, and even more unbelievable is that it apparently supports the very feature that I’m looking for when Microsoft’s own top of the ladder calendaring application (Outlook) does not even come close.

Just goes to show you, what’s old is new again (to me) and in the case of Microsoft Works, it apparently does just that and with a much smaller price tag than Office does. That being said, 99% of people that I know are just as happy with OpenOffice and don’t pay a dime unless they want to donate to the cause.

E-Mail Inefficiencies

Today was the straw that broke the camel’s back on the topic of e-mail. As a server administrator I deal with e-mail servers regularly and as any e-mail administrator knows, spammers are evil. Their tactics are such a pain, causing nothing but problems and stress on servers around the world. It’s also no secret that I’ve often wished “SpamAssassin” was actually an elite Ninja squad who specialized in removing the extremities of selfish good-for-nothing spammers.

That said, spam was not the issue today… it was actually a “legitimate message” that tipped the scale of sanity. The e-mail in question was several pages long and consisted of several people replying to messages, replying to CC’s and talking about something that somehow I am involved with (because I was CC’d). Since I was CC’d on only the last few messages it’s now up to me to sort through the disgusting mess of in-line responses since the beginning and find out what the hell this has to do with me.

After about an hour of reading to figure out who-is-who and who-is-saying-what I find that right in the middle of the mess is my name as a contact (used as an incorrect reference to a project I had little to do with). So now I’ve just spent an hour of my life figuring out this whole twisted problem to find out I really don’t have anything to do with it.

The more I deal with e-mail, the less efficient I believe it is becoming. Not because of the technology itself of course, but because of how it’s being used and abused. HTML messages with colours and pictures, long correspondence, complex issues and the lack of security behind SMTP are all contributing factors to my continuing hatred of my e-mail account.

At present I do not know a solution to the problem… it seems to me like going back to usenet for business correspondence may be a solution worth investigating. What’s old is new again, isn’t that right? Perhaps with all the new social Internet concepts someone will develop something that becomes more useful and business oriented… who knows.

Until then… if you e-mail me and require any sort of response, your best bet is to keep it to the point and text-only. If you have a secret about how to efficiently handle 100 or so messages per day, for love of grey, tell me, I’m all ears.

A Christmas Present from Microsoft

I love Macs. I use one at work, I use one at home and I use one on the go (laptop). I also work with a lot of people and teach a lot of students who also use Macs… One of the most consistently annoying things for me about working in an Apple environment has historically been people using Internet Explorer for Mac. It’s one of those things that irks me.

“Normal” people may not understand why it bothers me and probably think I just have a vendetta against Microsoft or something (which I may, but that’s beside the point), even though I try to clearly explain that Microsoft Internet Explorer for Mac is not the same as Internet Explorer for PC. IE for Mac is ancient, under developed and in my opinion, irresponsibly available to Mac users who don’t know any better.

A Week Unwound

This week was a crappy tech week, filled with server / network stresses, security vulnerability releases and spammers. To get some closure on these issues, I thought I’d blog about them a bit.

Our network provider, iWeb Technologies, was unable to solve an on-going router issue somewhere between their network and Pier1’s backbone. This router issue resulted in my server’s primary IP address being inaccessible indefinitely until I logged in and ran a command to notify their router I was still there… highly annoying for me and my customers, I’m sure. Their only immediate solution to this problem is to have me run “arping” in cron every minute, which tells their routers my server’s MAC address. The long term solution is to have me migrate from their old network to their new BGP network. Moving to the new network is a great long-term solution, but it requires a whole new set of IP addresses and moving 8 name servers with 260 domains is a bit stressful. Either way, waking up in the morning and finding out your server is not accessible tends to ruin every day of the week. This issue has been “resolved” with the cron job now, but still.

gDisk + gMail = Sweet Online Storage

Being a techie person I haven’t often been writing about techie sorts of things, so here’s one for you. I stumbled across a very nifty little application today called gDisk that uses Google gMail’s 2.5GB of storage as a portable hard drive by allowing any Mac user to connect to and store data in their gMail account. These aren’t stored as e-mails or anything, the data is just stored in your account. It’s a very neat system, I recommend checking it out.

This got me thinking, Google is missing a couple of things:

1) They should allow you to connect by WebDAV to “Google Disk” or “Google Central” or something like that. This service should be a central storage engine for all your Google data (Base, gMail, etc).

2) I really wish they offered IMAP to connect to gMail vs. just POP3. I’ve grown to really hate POP3. Just a thought anyways.

Either way, check out that gDisk application if you’re on a Mac.

Best Regards,
Matt Simpson

PHP6 Ready or Not, Here it Comes

The mere thought of PHP6 scares the living bejesus out of me. I haven’t yet upgraded to PHP5 because of a slower than desired adoption rate and because I have to support legacy applications for some clients. That will all change when PHP 5.1 is released in the near future. I plan on upgrading shortly after it’s released. So for the past year and a half I’ve been thinking about how to implement PHP5 then all of a sudden at this year’s PHP|Works conference in Toronto, Rasmus Lerdorf shows us a PHP function written in Chinese and said PHP6 is being planned and it will completely support Unicode.

That shook me up a bit, I can’t imagine the day when I open an open source PHP script and find that I can’t read the code in it. Well, I guess some current coding is so bad I can’t read it in plain English anyways, but that’s another story. Here are some excerpts from a recent article discussing a recent meeting in Paris between core developers (Zeev, Dmitri, Andrei, Jani, Wez, Marcus, Rasmus and Derick Rethans)…

Boris the DNS Server

The first part of this is a little boring, but trust me, it does get interesting.
I hope you enjoy my story!


----- Original Message -----
From: “Joe Blow” joe@blow.ca
To: “Matt Simpson” matt@silentweb.ca
Sent: Friday, January 11, 2002 10:17 PM
Subject: Re: webmail NOT WORKING again

> At 10:15 PM 11/01/02 -0500, you wrote:
> >Hey Joe,
> > When the hell did this start happening…
> > this is crazy. It can’t have been today.
> > Something is messed up with the web-mail,
> > it’s confirmed, I’ve been testing it all
> > night. This is crazy. Grrr… I’m working
> > on it now… This apparently hasn’t been
> > the best week for me.
> >