Archive for June, 2007

Jeff Atwood over at CodingHorror.com recently made a post detailing his steps in acquiring and (more importantly) cleaning up a nasty Windows spyware infestation. The post and the discussion that follows are a must-read as far as I’m concerned. His steps go far into the realm of tech-voodoo and are not for the non-geek or faint of heart. Your mileage in following those steps may vary depending on the level of fubar you have on your machine.


The Problem:
You are brand new to Mac OS and you want to install some essential software (like Firefox!). You figured out how to download the application and double-click on it… but you don’t get an installer.

All you get is an icon that looks like a mounted hard drive:


wtf is this?


And a window with some kind of Mac hieroglyphics in it:

this is supposed to mean something to me?


The Cause:
Just like with Windows, some applications come with an installer, and some don’t. A lot of them don’t. What you downloaded was the Mac equivalent of a ZIP file with your application in it. You have to manually copy the files into the directory where you want them to go. The hieroglyphics are supposed to be some kind of “clue” telling you to do that… but damned if I could figure that out without doing a Google search. Neither could you, else you wouldn’t be reading this, n00b.


Cannot Load Kramer

The Kramer plugin is a nice tool that can display inbound links to blog posts. In other words, you can find out who’s linking to you.

I downloaded the plugin and installed it. When I tried to configure it with the Options->Kramer menu, I got an error. WordPress promptly told me that it:

Cannot load Kramer.php

when I tried to save my options. Okay, NOW what?

The Problem:
The “cannot load Kramer.php” error message when trying to configure the plugin’s options.


Perhaps changing the icon that appears next to your website’s address in the address bar isn’t your top priority when you set up a new site… but it’s definitely on the list. If not, it should be. If you spend ANY amount of time customizing your site, then the default “folded paper” icon just won’t cut it. Here’s how to change it.

Old and Busted
default icon

First, you’ll need an icon. This is simply a graphic image like a jpg or a gif… unfortunately, whatever graphics application you use may not be able to handle it. I’ve done this lots of times, and I’ve always used some kind of special icon-making software to produce these images. And by “special”, I mean “free”.

One such tool is the Favicon Editor, which allows you to create the icon right in your web browser… and, more importantly, it allows you to convert an existing image into an icon. The restriction here is that the image has to be a PNG image that is 16×16 in size. These icons have to fit in your browser’s address bar, remember… so they have to be tiny. Other icon creator tools can read other formats besides PNG, so if you have some problem with PNGs… wtf is wrong with you? Use another tool. A Google search for “Favicon Generator” or something similar will return plenty for you to choose from. Not all of them are free, however.

You’ve downloaded a CD image of… whatever… only to discover that it has a weird .BIN extension that your software won’t recognize. When you try opening it, you just get error messages, or the file open window won’t even recognize it as a valid CD image format.

The Problem:
Your computer doesn’t know what the hell a .BIN file is. And neither do you.

The Cause:
Actually, the REAL problem is that you only downloaded part of what you need. CD images come in a lot of different formats. You find them with the ever-popular .ISO extension, but also with .NRG extensions and several others. .BIN files are just part of the crowd. But unlike ISOs, they are not complete images all by themselves. Sure, the BIN file contains all the data, but you need ANOTHER file… a CUE file… to tell your software just what data is in that BIN. Think of a BIN file as a book. The CUE file is the table of contents. In this case, however, the table of contents is stored separately from the actual… umm… content. So you should have downloaded TWO files… a CUE and a BIN… instead of just the BIN.


“One or more files were not imported because there were problems reading them”
“File type is not recognized”

I’m trying to produce my next flash masterpiece when I start getting errors whenever I drag an mp3 file into the Library.

The Problem:
Flash tells me that “One or more files were not imported because there were problems reading them,” or “File type is not recognized”. That’s odd because the files play perfectly fine in my audio applications. They’re not corrupt… so what gives!?

The Cause:
Adobe/Macromedia Flash is picky about the exact type of audio files it imports. Very picky. Very exact.

The Solution:
In the case of WAV files, it wants PCM wave files… so if your file is in another format, you’ll need to convert it. That simply consists of going into your audio editor of choice, loading the wave file, and saving it as another file with different encoding options.

With MP3 files… well, Flash doesn’t like them with bitrates over 160kbps. But you can make it play nice by installing QuickTime. Flash will talk to QuickTime behind the scenes and use it to import your MP3s without the dreaded “One or more files were not imported…” crap.

To me, both of these are really work-arounds and NOT solutions. It’s 200-frigging-7; software as advanced as Flash should be able to recognize more than a narrow band of settings for popular audio formats. And it should do so without having to install some extraneous crap like QuickTime. But until Adobe corrects the issue, this is what we have to live with.


You’ve created some categories for your WordPress blog. You start writing posts and even adding links to your Blogroll, assigning each one to its appropriate category… but then you notice something strange.

Some of your categories are missing! Some of them are there… but some are clearly NOT. You go to Manage–>Categories and, yup, there they are! So you go back to write your next post, and the category you want to use is still not there! WTF!?

The Problem:
In WordPress, not all of your categories are showing up in the sidebar when you try to write a post.

You have a Mac. You’ve downloaded a file with an SIT extension. This is an archive, sort of like a ZIP file in Windows. You need to open it with an archive program to extract the file(s) that you want. But when you double-click on it, the damn thing opens up in WORD… that is to say, it TRIES to. If you’re like me, you don’t actually have Word on your Mac, but you haven’t gotten around to uninstalling the Office:Mac trial version that was stinking up the place like a diseased turd pre-installed when you bought your machine. So in our case, what happens when we double-click on the SIT file is we get a splash screen/license agreement for Word, as if we were trying to activate our trial version.

Yeah, THAT’LL happen….


The Problem:

Your Mac tries to open SIT archive files in WORD (of all things!)

Some people just don’t get it.

By “It”, I mean the difference between warning people about the dangers of playing with sharp sticks and leaving a crate of authentic Zulu spears on your front porch.

What the hell am I talking about?

This blog’s inaugural entry contains detailed instructions… including source code… on how to conduct a cross-site scripting attack.

Yes, information wants to be free.
Yes, the people need to know.
Yes, (insert other vomit-inducing cliche here)… but COME ON!

It amazes me how many bloggers and so-called “security experts” go around handing out loaded guns in the interest of promoting gun safety.

Source Code?
SOURCE CODE!?!

No one needs the source code of an XSS attack in order to protect themselves from an XSS attack. Ditto for any other scripting or software-based attack. So what, exactly, is the point of posting code+instructions and saying, in no uncertain terms, “Here, go play with these hand grenades, and if you blow something up real good, send me a picture!”

Are you trying to educate the programmers about the holes in their code? Code is their life and livelihood… DESCRIBE the problem and they can write their own code without your help. Are you trying to prove that it can be done? Then DO it… post a screenshot of it being done instead of instructions/code on how to do it. Are you trying to entice a new generation of script-kiddies to perform attacks on the unsuspecting web-public by giving them live ammo to play with? Hmm…

I’m not one of those people who thinks information I don’t like should be hidden or restricted. But I don’t think information of this type should be actively disseminated, either. Should the information be available? Yeah… maybe… that’s debatable. Personally, I’m leaning toward “yes”. Somewhere. But being “out there somewhere” is a lot different than me painting it on a billboard in my front yard. Unless, of course, I have some ulterior motive (like: “I hate the MPAA so I’m going to post the AACS key” or “I hate Yahoo so I’m going to show the world how to screw them.”) If that’s the case, then I won’t do it under the guise of being concerned about security. If security awareness IS my main objective, then the last thing I’m going to do is hand out source code for exploits. That’s sort of like having sex to support virginity.

BY THE WAY:
For real information about XSS attacks that (last time I checked) didn’t contain actual source code, try:
http://en.wikipedia.org/wiki/Xss
http://www.cgisecurity.com/articles/xss-faq.shtml
