Drupal's very own Mollom is a Free/Open Source (collaboratively-developed and freely-shared) software for battling script kiddies and fighting against SPAM. The past 2 weeks were difficult because spammers exploited the fact that we had opened up the site for registration/subscription (to leave comments). After exploring some options for dealing with the problem (spam making it to the front page even!) we found that Mollom was good enough to eliminate almost 100% of all of spam (so far). Hence, for the time being, it seems safe to say now that we beat the script kiddies. Thanks, Mollom! █
Tux Machines behind Varnish cache proxy
Summary: Tux Machines growth and a note regarding SPAM prevention after a week or so of experiments
Here are the first four weeks' log sizes, plotted with LibreOffice and demonstrating week-to-week growth since the site's nameservers changed and the server moved to CoPilotCo. After 4 weeks all logs get deleted (
logrotate) to ensure privacy through lack of data retention (except short term in case of DDOS).
It is now the talk of the town. Nokia will be making their own smartphone based on Android. It seems like they no longer want to be in the shadow, under Windows Phone. I would like to think this might be the comeback of Nokia phones after a decade or so. I liked Nokia as a gadget way before this so-called "smart phones" trend started. I remember when SMS became the most convenient tool for communication, like a telegraph type. Nokia phones were once a gadgets giant; only then, when Microsoft bought Nokia, the once cellphone giant was kept and never to be found. I mean, not literally, but I can hardly see Nokia out in the Market along with those cellphone giants like Mac/iOS , Blueberry and Samsung. Nokia's merging into Microsoft has never been good; their tandem strategy never created any new innovation that makes them different from the other competitors. In fact, there were no success stories for Nokia when it was based on Windows Phone.
I expect Nokia to have lots to offer in the next expo. Improvements in software using Android OS, distinct design in hardware which can compete in comparables among the others. The price might be a little less than the existing smartphones to attract potential costumers. Lastly, I wish Nokia well for bravely taking such a huge change. In this road it has many challenges, but it's worth taking.
Script kiddies can't get their way
Summary: Script kiddies made it impractical to manage comments and forum posts; we are trying to tackle this issue today
IN ANOTHER attempt to restore user registrations, this time on the new server which has just been configured for mail, we are enabling anyone to quickly self-register (takes less than a minute and requires no verification), then immediately post comments, forum posts, etc.
Summary: Recent changes at Tux Machines, in just a nutshell
INSPIRED in part by Slashdot, we recently added topical icons to submissions, applying these changes retroactively to over 50,000 older pages. The idea was, this can improve orientation by helping to quickly associate text with topics. More minor modifications were made as well, some textual and some layout related. They are subtle but they can be seen. After receiving feedback regrading icons size we made further modifications. Regarding social media buttons, some of the ones we initially found were unbelievably privacy-infringing (allowing Google, Facebook, Twitter etc. to see visitors of this site), so we disabled them immediately and replaced them with static buttons. Right now we can assure that whenever loading pages in this Web site nothing except our security-aware network gets contacted. We share no data about visitors (with anyone) and Apache logs get shredded for good after a few weeks, leaving sufficient trail just in case of attacks on the site, which would merit investigation. Log rotation is similarly privacy-respecting at the cache level, which leads to the following point.
Today, after the above changes had been made and stability attained (there were some network disruptions yesterday), we also updated Drupal, ensuring it is secure and fully up to date (the latest minor bugfix release is a month old). There is still an issue with Varnish and until we tackle this issue users who are not logged in might be getting error pages. One way to overcome this is to append "?something" to the URL requested. This bypasses the Varnish cache until we finish our investigation of this issue and resolve it for good. █
Update: The issue with Varnish turns out to be a conflict between two caching layers. It's fixed now. If you spot an issue, still, please let us know.
Update #2: Yesterday we identified another issue and soon thereafter fixed it. After Twitter syndication had failed we realised that RSS feeds were not standards-compliant, due to a blank line at the start of each generated page in Drupal. This is a common issue and it is a nightmare to debug (requires a complete code review with help of GNU utilities like grep). After 4 hours of investigation I found the culprit and fixed the coding error. RSS feeds are back.
Yesterday was a rainy day. Our plans to go dining and bowling were more or less ruined by that. Manchester has had stormy weather as of late and there is not much one can do to avoid it.
Almost every couple went out to celebrate valentines. In my case, as I am working regular hours at day (and sometimes at night), I don't have much time for planning or thinking of ways to celebrate valentines day.
My dear husband, who had a day off yesterday (after he had worked at night), surprised me in many ways. He prepared a bubble bath for me with glasses of wine and candles lit. Pizza was inside the oven and table setting was quite ready, with many special beverages to mark the special day.
Everything was organised and prepared by him. While we were having our dinner we watched Tom and Jerry (a favourite from my childhood) and we were both enjoying it. Later he wanted to prepare the new mattress he bought to make sure we would have a good night's sleep.
Our own way of celebrating valentines -- so simple but passionately expressed with pure love and tenderness.
I was born in a quiet and beautiful town in the Far East together with my cousins. As far as I can remember, we enjoyed watching the sunrise and sunset, bathing and fishing in the river along with other children. My childhood years bring back good memories: Playing hide and seek, flying kites, throwing yo-yo, jumping on Chinese garter and so much more. Life was full of fun and so simple back then. There were times I ate meals in our neighbours' house, treated like family. Sometimes we exchanged food. This you will never experience in an highly urbanised city, as there is nothing like this in the Western world. It's a small town where you almost know every other person. Everybody is like your family. That is how I remember the place that I left 24 years ago. This year my husband and I were planning to visit my beloved town. But I have second thoughts. It's a bit scary to visit a place where people are killing other people like animals.
Todays special is about Mandrake derived distributions, namely,
OpenMandriva Lx 2014 alpha vs Mageia 4 final vs ROSA 2012 R2 final vs PCLinuxOS 2013.12 final.
In (my limited) testing, I've used the X86_64 versions favoring the KDE desktop, and I've used the NVidia binary drivers provided with each distro.
Here's my experience with each one:
VARNISH is valuable for a number of reasons, including security, privacy, and performance. I first used it around 2009 when another site of mine had repeatedly come under DDOS attacks. Using Varnish means that requests for pages usually come from the same IP address (the cache proxy), if at all. Much of the time visitors get served static (cached) pages transparently and quickly. The downside is, this interferes with statistics (the Apache server does not even see all requests) and it is not compatible with modules like polls, where each IP addressed is allowed just one vote.
During the server/site migration we tried to preserve as many of the features as we could. There was a transition from old Debian to new CentOS and the new architecture is quite different (still 2 CPU cores but with more RAM, a virtual container, and resilience owing to proxies/redundancy). Thanks to those who suggested workarounds. We have looked at some of them, but without losing on performance there is no way to keep meaningful statistics. These statistics have been disabled. Not even we, with direct access to the server and the CMS, have access to meaningful statistics.
We are going to try to focus on high quality selection of news, not on numbers. █
Yesterday, following a mostly successful migration (there are still some impending fixes to
.htaccess), slight changes were applied. For regular readers of the site, here they are summarised:
I first heard about Bill Reynolds (AKA "Texstar") when I was using Mandrake Linux 7 (later called "Mandriva") many years ago. Back then, Texstar was putting together updated KDE releases for Mandrake Linux, as Mandrake would only typically update their KDE release once or twice a year.
I've taught High School Computer Science for 25 years--Computer Programming, Web Page Design, Word Processing, Database Processing, and Spreadsheet processing. I have Linux on all my home computers with a dual boot into MS Windows 7 on my main computer. I don't use Windows 7 very often--but, I can find my way around in Windows 7. Since I have no experience with Win 8, I've thought all the recent hoopla about Microsoft's Windows 8 and 8.1 was just inexperienced grousing.
I started to say "this is goodbye," but just because I sold the site doesn't mean I won't be around Linuxville. I'm still writing at ostatic and I may turn up here now and again as well. I'll be looking around to expand my writing after the new year too, so you're not rid of me yet. But the sale on tuxmachines.org has been completed.
We cut the cord a couple of years ago, the need to get TV over traditional TV Ariel was no longer needed and services such as TV Catchup, iPlayer and the other UK Catchup TV Channels streamed over the net to my TV were all we needed.
Having had an Asrock 330 Ion be the trusty device for nearly 5 years the box finally gave up the shost last week.
The options available for using the internet to provide your TV are huge, from the giants of Apple with Apple TV, Google are dipping their toes in the water they have the ChromeCast, and there are a huge bagfull of Android Devices which all claim to plug into the HDMI port of your TV.. Then there is the Raspberry PI which has a custom build of OS's to provide different interfaces.
I guess tuxmachines.org has been sold for $1000. I know it's kinda low, but times have changed and the new owner plans to carry on the tuxmachines tradition.
Well, I think I'm going to accept one of the two $1000 bids received, unless anyone else wants to bid...
I've decided to try and see if anyone might be interested in buying and doing something with my domain and site. So, today, I'm posting this ad here: tuxmachines.org for sale.
Update: I've received some bids and will decide by Monday....
This isn't a Windows thing, Linux as well should be more secure than the assumption that the OS with elevated privileges is secure enough, there is so much more Desktop Linux could be doing to make the users experience more secure.