Thursday, July 23, 2009

THE CAT'S PAJAMAS


Someone with a frisky cat and interesting record collection.

In other matters, a disaster with WordPress froze my new blog, the one I had migrated to in the directory over because of Blogger faults, which still exist.

The problem, and it's a sizable vulnerability, is described here.

WordPress depends on its database. And if it is unable to connect to the MySQL database on the host, bad things happen.

In this case, the blog crashed. Readers who subsequently logged on were presented with the installation interface, also very very bad. The installation interface, presented when WordPress thinks it's new, instates whoever inputs their e-mail address as blog administrator.

And someone, inevitably, took advantage of the problem while I was working to figure out what was wrong and get the blog back up.

DD tossed them out but the reversion to install and subsequent breach rendered WordPress's new posting editor inoperable.

I then spent a week looking through the WordPress codex and help forums for some accurate descriptions of the nature of the problem and how to reset it. In this, as in the Blogger forum, one is dependent, to a large extent, on the kindness of strangers.

There is very little discussion -- almost none, actually -- within the WordPress community on the "famous five minute install" vulnerability. DD hosts on Yahoo and as part of its Small Business Plan, that service offers WordPress (version 2.6.2) and Movable Type as blogging applications. This means the "famous five minute install" vuln is probably waiting on many blogs if the MySQL server goes sideways at the wrong time.
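For anyone running WordPress who wants to know whether the install screen was reached during a database outage, here is a small access-log check, added as an example and not taken from WordPress or from the original post. It assumes the web server writes the "combined" log format, that the installer lives at `wp-admin/install.php`, and that the form submission goes to `step=2`; the log lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumption: Apache/Nginx "combined" access log format.
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)
INSTALLER = "/wp-admin/install.php"  # assumed installer path, any blog subdirectory

def installer_hits(lines):
    """Return (severity, ip, timestamp, method, target) for each installer request."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed lines rather than guessing at them
        url = urlsplit(m["target"])
        if not url.path.lower().endswith(INSTALLER):
            continue
        step = parse_qs(url.query).get("step", [""])[0]
        # A POST to step=2 answered with 200 is a submission of the installer
        # form. HIGH means "go verify the administrator accounts", not proof
        # of takeover. Any other request is a view of the installer page.
        if m["method"] == "POST" and step == "2" and m["status"] == "200":
            severity = "HIGH"
        else:
            severity = "INFO"
        hits.append((severity, m["ip"], m["ts"], m["method"], m["target"]))
    return hits

# Constructed sample lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '198.51.100.7 - - [01/Jan/2009:10:01:12 -0700] "GET /blog/ HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [01/Jan/2009:10:01:13 -0700] "GET /blog/wp-admin/install.php HTTP/1.1" 200 2301 "-" "Mozilla/5.0"',
    '203.0.113.44 - - [01/Jan/2009:10:07:55 -0700] "POST /blog/wp-admin/install.php?step=2 HTTP/1.1" 200 1874 "-" "Mozilla/5.0"',
    '192.0.2.10 - - [01/Jan/2009:10:09:00 -0700] "GET /blog/wp-login.php HTTP/1.1" 200 1500 "-" "Mozilla/5.0"',
    'not a log line',
]

if __name__ == "__main__":
    for hit in installer_hits(SAMPLE_LOG):
        print(*hit)
```

Any HIGH line whose timestamp falls inside a known database outage is the one to compare against the blog's list of administrator accounts.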

In any case, I've had to resort to Blogger as a backup. Realistically, I suspect there's no answer to be found at WordPress.Org. That's just not in the nature of the beast.

DD may open up another effort to move off old Blogger with Movable Type in another directory.

Chalk it up to lessons in the fragility of web and cloud app design. Using Google Blogger's 'cloud' isn't actually better, it just presented a different set of unexpected challenges.

Paul Fussell, well before the web, described the dilemma in this manner:

"The current United States can be defined as an immense accumulation of not terribly acute or attentive people obliged to operate a uniquely complex technology, which all other things being equal, always wins."

Myself included.



More EMP Crazy

Electromagnetic Pulse Theatre is defined as a show in which only a couple people take the stage to warn of a threat everyone else in attendance takes to be of little or no importance.

On Tuesday, a House subcommittee convened to hear about US electrical reliability and its risk profile with regard to insufficiency in cybersecurity. However, the hearing was turned over to those with the standard compulsion/obsession to warn of catastrophic electromagnetic pulse attack.

See here at GlobalSecurity.Org's SITREP.
