It is the 1302nd of March 2020 (aka the 23rd of September 2023)
You are 22.214.171.124,
pleased to meet you!
Use the player above to listen to the podcast version of this b.log entry,
or click here to download it for listening to on the MP3 player of your choice.
Why I can't celebrate...
There is a whole heap of good news to share... I have an eeePC 901 (XP version) coming my way. Mom has just signed a contract for 8mbit ADSL (I can't, the place is in her name so she must...). It looks like I will continue at work, and 99% likely I will become a 'proper' employee and not a series of fixed duration contracts. Oh, and my SCART switcher box cocked up so I pulled out the soldering iron and fixed it.
All good news. Maybe even great news.
But it'll have to wait.
Because some bastard unleashed something on the internet which compromised a number of servers, including the one hosting heyrick. Oh, and if you don't like me using the word "bastard", just imagine what I am really thinking. I mean, my website is my on-line identity. I've been effectively out of the loop for nearly a decade. Eight years and a bit. I feel so much older just thinking about it. So this is my representation of who I am - because God knows nobody around here of either nationality is geeky enough to look at me taking a dictionary and set of BBC VDU codes and writing a Windows program to use that data to make a Japanese<->English translator (Jiten). Nobody would care. So on my website, it can find a home for somebody that might be looking for that. Some of my software hasn't done so well - I have put Callie on a hiatus. I thought it would do well, being a simple wizard-like way to make calendar sheets. Practically no response. On the other hand, VeroDes may well be the most popular program I've written! It's there, all there, on my website.
Now imagine how I feel when looking up my site in Google includes the words "This site may harm your computer" underneath...
As if that's not depressing enough, actually visiting my website shows this:
(I have overlaid "this is an example" so you don't mistake this for a real warning!)
You can click to ignore the warning and get past it, but it will appear for every single bloody page - and importantly - some of those pages may still carry the malicious code payload so the warnings may be just as well if you are using a potentially insecure system.
I tell you - if I didn't have broadband and a cute little 'netbook' computer on the horizon, I may well have instructed Glenn to simply pull the plug on HeyRick.
I must thank Glenn for resolving the security hole quickly. Too slow for parts of my site, but at least it wasn't completely trashed - if you have a safe browser (pref. a non Windows machine!), you may see evidence of the attack as an IFrame appended to the bottom of the document, referring to m-analytics which either hosts or passes through to some machine in the Czech Republic.
I must thank Mick for bringing this to my attention in the first place, and for sending me SMS/MMS to keep me up to date with things.
I must thank the regulars of the BBC Micro mailing list for being helpful with something that has nothing to do with the best eight bit machine ever (and if you think I'm a dribbling lunatic my-computer-is-better-than-yours guy, show me your I/O and show me your BASIC interpreter... exactly, sod off and find a Beeb on eBay and see how the '80s was supposed to go). ☺
I must thank Google. I am extremely affronted to see my site ranked as "harmful", but to be honest I'd rather these warnings than have nobody paying attention. Will it damage my reputation? Perhaps... but like the highways brought the highwaymen and like the EU's open borders policy brought the gypos, things that are good have a darker side too. The Internet. Great big free-for-all communications network where you can find alsorts from a cute girl flashing her tits to a decent recipe for egg mornay. But, sadly, computers have vulnerabilities, people put too much trust in those computers, and there are some eagerly looking to learn all they can about you with considerably more tact than a smash&grab. So rather than being upset by Google, I'm pleased it's got its eyes on the ball.
But my biggest thanks of all goes to Ewen. He's the one who updates my site as ssh is firewalled at my library. Earlier today he asked Google to report on the site. For some odd reason it only reports 25 pages (why not all, don't we all want to get these problems sorted?). So he deleted those 25 pages and asked for another report. And this process will be repeated until HeyRick gets a clean bill of health; which I think will mean poor Ewen has to have four passes at this, but to sanitise my site I am extremely grateful.
As a consequence of his actions, parts of my site will randomly disappear. Ewen is noting down what's being erased so it can be put back later from the (safe) copy I have here; though how soon this happens depends upon the 'generation' of what he is deleting. Some parts of my site are on the RiscPC. Some parts I'm not even sure where a copy is, though I do have a total site backup from circa 2005 for the really crusty stuff. :-) In any case, if you see a 404, don't be angry. Thank Ewen, for if you are using some lame browser (and I think we know which), he may well have just saved your computer from something unpleasant.
HeyRick will recover. I've got good people helping. It's just likely to take a while.
And, sadly, it is for all of these reasons that I don't really feel a celebration is in order.
When it's all sorted and this is just a bad memory, then normal service will resume. Until then...
Please note that while I check this page every so often, I am not able to control what users write; therefore I disclaim all liability for unpleasant and/or infringing and/or defamatory material. Undesired content will be removed as soon as it is noticed. By leaving a comment, you agree not to post material that is illegal or in bad taste, and you should be aware that the time and your IP address are both recorded, should it be necessary to find out who you are. Oh, and don't bother trying to inline HTML. I'm not that stupid! ☺ ADDING COMMENTS DOES NOT WORK IF READING TRANSLATED VERSIONS.
You can now follow comment additions with the comment RSS feed. This is distinct from the b.log RSS feed, so you can subscribe to one or both as you wish.
This web page is licenced for your personal, private, non-commercial use only. No automated processing by advertising systems is permitted.
RIPA notice: No consent is given for interception of page transmission.