Very serious: Babloo/Blyat injection attacks on my site

18 06 2009

Folks,

I’m seeing what looks like a new type of attack on WordPress-powered websites (including this one), regardless of which version of WordPress is being used. You start seeing spam in the footer, “read more” spam links, and so on, usually tagged as “babloO”/“blyat”; most of these addresses seem to resolve in Russia, but some appear elsewhere. The most obvious version of this is spam posts in the RSS feed and redirects from the homepage of this website to a PDF containing JavaScript exploits.

As of this writing (2132UTC, on Thursday, 18 June, 2009), there is no acknowledgement of the issue from WordPress developers, nor any idea how the attack is taking place. While the site is currently showing as clean, if you were redirected to a PDF, or have seen spam posts in your RSS feed, please let me know as soon as you can. If you were redirected to a PDF, please also run a check for viruses and malware on your computer if you are using any version of Adobe Acrobat on any operating system; alternative PDF readers, such as Foxit Reader or Preview.app on Mac OS X, are not believed to be vulnerable, but you are encouraged to run a check anyway.

In the interim, I am disabling as many of the plugins as I can, removing widgets and other possible sources of injection attacks, and disabling the creation of accounts. In addition, if by 1200UTC tomorrow, Friday, 19 June, there is still no known infection vector, I will revert the theme.

I apologise for any inconvenience caused to you, and ask you to contact me via a comment if you were hit in any way when using this site.
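As an added example (not code from this post, and not WordPress’s own tooling), here is a small Python scanner a site owner could run over a WordPress install to look for the indicators the post names: the “babloO”/“blyat” markers in theme, plugin or feed output, and a redirect to a PDF. The marker strings come from the post; the redirect patterns, the scanned file types and the sample snippets are my own assumptions and constructions.

```python
"""Scan a WordPress tree for the injection indicators described in the post."""
import re
from pathlib import Path

# Indicator strings named in the post. Comparison is case-insensitive,
# so "babloO" and "Blyat" both match.
MARKERS = ("babloo", "blyat")

# How a redirect to a PDF would typically be written in injected markup or
# script. These patterns are my assumption, not something the post states.
REDIRECT_PATTERNS = (
    re.compile(r"""(?:window\.|document\.)?location(?:\.href)?\s*=\s*['"][^'"]+\.pdf""", re.I),
    re.compile(r"""http-equiv\s*=\s*['"]refresh['"][^>]*\.pdf""", re.I),
)

# File types worth scanning (assumed): theme/plugin code, cached HTML,
# scripts, and feed output.
SCAN_SUFFIXES = {".php", ".html", ".htm", ".js", ".xml"}


def scan_text(text):
    """Return the list of indicator names found in one file's contents."""
    hits = []
    lowered = text.lower()
    for marker in MARKERS:
        if marker in lowered:
            hits.append("marker:" + marker)
    if any(pattern.search(text) for pattern in REDIRECT_PATTERNS):
        hits.append("redirect-to-pdf")
    return hits


def scan_tree(root):
    """Walk a directory and map each flagged file (relative path) to its hits."""
    root_path = Path(root)
    findings = {}
    for path in root_path.rglob("*"):
        if not path.is_file() or path.suffix.lower() not in SCAN_SUFFIXES:
            continue
        try:
            text = path.read_text(encoding="utf-8", errors="replace")
        except OSError:
            continue  # unreadable file: skip it rather than abort the whole scan
        hits = scan_text(text)
        if hits:
            findings[str(path.relative_to(root_path))] = hits
    return findings


# Constructed samples for illustration, not captured from the site in the post.
CLEAN_FOOTER = '<div id="footer"><p>Powered by WordPress</p></div>'
SPAM_FOOTER = (
    '<div id="footer"><p>Powered by WordPress</p>'
    '<p style="display:none">babloO <a href="http://spam.invalid/">read more</a></p></div>'
)
REDIRECT_SCRIPT = '<script>window.location.href = "http://malicious.invalid/x.pdf";</script>'


if __name__ == "__main__":
    import sys

    target = sys.argv[1] if len(sys.argv) > 1 else "."
    for rel_path, hits in sorted(scan_tree(target).items()):
        print(rel_path + ": " + ", ".join(hits))
```

Run it as `python scan.py /path/to/wordpress`; it prints one line per flagged file. Because it only looks for known indicator strings and plain-text redirects, a clean result does not prove the site is clean; it is a quick triage step to pair with comparing the theme and plugin files against fresh copies.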



About the links

18 05 2009

So, for about three weeks now, I’ve had my Delicious bookmarks show up here on my website. The idea behind doing so was both so that people interested in seeing what I read and what I find interesting could follow along, and also, hopefully, direct some traffic and love to those websites that I find fascinating, and often, underrated. There were a few reactions, ranging from “UGH! How do I get rid of this?” to “This is pretty cool, thanks”.

But it’s been messy on the website, and in the RSS feed, since the “Links for xx-xx-xxxx” posts are more numerous than my actual “content” posts. I’m rethinking this website, and as part of the overall rethinking, might make a few more changes, but for right now:

  1. Links are hidden from the main page. If you want to see the links on the website, you can view the entire category here: http://www.varunnangia.com/?cat=75
  2. Links are still visible in the RSS feed. If you do not want to see the links in the RSS feed, subscribe to: http://pipes.yahoo.com/pipes/pipe.run?_id=GHpMq8Q_3hGv9iILAA_H4A&_render=rss

As part of my rethinking the website over summer, I’ll see about giving you ways to hide and see the links as you would like. In the meantime, if you have any other feedback about the links (such as how to make them more useful to you), then do tell me.



Happy new standards compliance!

4 01 2009

UPDATE 2, shortly thereafter: Fixed. Let’s not look at the messy source code – and TWO CSS sheets, mmkay?

UPDATE, the next morning: I didn’t realize that the reCaptcha plug-in is using an iframe. Going to try and fix it, though it will mean assuming that everyone supports JavaScript. Damn. So close.

ORIGINAL POST below:

I’m pleased as punch to make one of my new year’s resolutions come true already.

A long-standing goal of mine has been to make this site XHTML 1.0 Strict-compliant. The site has always been XHTML 1.0 Transitional-compliant, but given a good kick in the posterior by Kats, I went through and corrected all of the errors that were preventing this from becoming a Strict site. A few other/related changes of note:

  • The Xbox Live Widget, which was Flash-based, has been temporarily removed, until I understand the intricacies of getting Flash to co-exist alongside XHTML 1.0 Strict-compliant websites. I’ve understood the general principle of how to get this to work, but it’s going to require tweaking. Also, it slowed the page down.
  • Since no one (and I mean, no one) was using the Chat widget, I removed that. It also used Flash.
  • After getting frustrated about not being able to access categories from an older phone browser (*cough*Blackberry browser*cough*) due to borked Javascript support, I’ve changed the categories list from a drop down to a list.
  • I don’t get enough comments to need a recent comments box.
  • Similarly, there are more posts on the front page than the recent posts box. The recent posts box has been removed.

Long and short of it is that you should be able to get this page to now appear in any standards compliant browser in standards mode, and it should load significantly faster than previously – to the tune of 5 seconds (or 45%) faster on a dial-up connection. I have not yet made up my mind whether I should join Kats in forcing XHTML+XML and locking out IE users, but I’m a pragmatist whose leanings lie closer to Joel Spolsky’s views on standards than the zealots. I may simply add a server side redirection for IE users to encourage them to download a decent browser.

In the meantime, please let me know if anything breaks. Thanks, and happy new year.

Valid XHTML 1.0 Strict



Posted from WordPress for iPhone

19 08 2008

I’m trying to see how well this works. Ideally, I’d be able to manage comments from here too, but I can’t complain.

And now, a test picture:

(Apparently, that picture didn’t go. Oh well.)



Twitter’ed.

20 05 2008

If you’ve noticed a slow down in posting here, you’re not alone. The fact is that the majority of the things I want to blog about are easier to “micro-blog” about. Most of the things I want to write about are either short, immediate things that don’t bear repeating after the fact, or those on which I don’t really have much to add. So, I’m wrestling with the question of modifying my feed (or installing TwitterTools, as suggested by SarahMck) to include my Twitter posts over here. I could provide a non-Twitter feed, too, if you’d like, via the miracle of Yahoo Pipes.

Anyone with strong thoughts on this either way?



I don’t need your SEO junk.

8 04 2008

I got the varunnangia.com domain name in the summer of 2006. I would have got it sooner, but there were certain other considerations; for one, I needed to graduate.

My purposes for the domain were pretty simple – I just wanted to make sure that if people wanted to find me on the internet, they could search for my name and come across this website, and I wanted to move my personal blog to a better place than Blogger. And it has worked – four people whom I’d completely lost touch with have dropped by, found my contact info, and messaged me. It’s great to be able to talk to these people – some of whom I’ve not seen in 15 years – again.

But that’s really where it ends. I’m not particularly interested in being the number one hit for “Thunderbird Gmail IMAP trash folder” or “review of N800 with OS2008” or “incredible inventions 2007” or what have you. I put up things that I’m interested in and if other people find it useful, I’m glad you did. If you feel like linking to my site, that’s great.

So for those of you contacting me to try to sell your search engine optimization software – go away. I don’t need to know that I should be tagging, or changing my permalink structure, or putting strategic keywords in my headers. Because, quite frankly, I don’t care. If you paid attention to the fact that there are no ads on this website, you’d have realized that I have a job, and this is a hobby. I don’t make my money here, so I don’t need your shabby, pathetic product (for which you want money).

I’ve achieved all the search engine optimization I need. Searching for Varun Nangia gets people here. That’s what I set out to do. That’s what I’ve done.



Oops, sorry.

18 03 2008

I just realized that the theme I installed has a validation note at the bottom that specifies this page is XHTML 1.1 compliant. Since WordPress couldn’t put out compliant code if its life depended on it, that’s clearly not true. I can’t seem to access any ports other than 80 on this network here, so I’ll edit the template when I get home.

However, the website looks as it should according to my checks in Firefox 2.x, 3.x, IE7, IE8, Safari 3.1, Opera 9.25, and the various other browsers I’ve tried it with. I’ll run it through BrowserShots too and see if it looks okay, but my guess is that as mangled as the HTML that WordPress generates is, it should render fine.

Of course, you may not see one or two Flash applets, and pictures, depending on whether you’ve got the correct plugins installed and if you’re using Lynx.



On the N800

12 03 2008

Daniel Gentleman, something of a local legend in the Maemo circles, put up an interesting post about what niches the Nokia N810 can fill for the average person. The money quote here is: “the N810 is for a specific set of people who need more internet than a phone but more mobility than a laptop.” Absolutely – and unfortunately, that’s a very small market. In fact, it’s shrinking as phones are becoming more capable. Already, I can see the internet almost as it was meant to be on the S60 browser and the iPhone browser, which are both based on the marvelous WebKit engine. Even the Java-based Opera Mini is a huge, huge step forward, making the WAP of yesteryear seem like so much Gopher. In short, the market is small and it’s shrinking. That’s not a good place to have a product and a repositioning is in order.

I commented on this post with things I think are missing from the current internet tablets and I wanted to flesh out some of these points:

  • The most glaring lack is a basic PIM. I understand that Nokia’s strategy has been to look at this as complementary to a phone (a Nokia one, naturally) that makes the PIM redundant, but the simple fact is that an increasing number of people – and certainly the technologically minded ones that would purchase a device like this in its current incarnation – expect to be able to access their calendars, contacts, and to dos where they are with the device they are closest to. Calendars, contacts, to dos, with some basic syncing capacity – either against an online provider, or a full-fledged computer – would go a long way to making the device significantly more useful and capable.
  • Not having a built in viewer for commonly used file formats reduces the usefulness of the device on the go. While I can understand that there may be legal encumbrances to proprietary formats from companies like Microsoft, given Nokia’s financial and business clout, I find it difficult to believe that the formats could not be licensed. Since there are already binary blobs in the Maemo stack, the addition of something more in binary format is unlikely to deter supporters.
  • Working email out of the box is a point I cannot stress enough. Despite advertising the tablet as being fully ready to go on the internet, the lack of a decent email client is truly distressing. Modest, while functional, is hardly ready for prime time. Claws is neither intuitive nor entirely stable. That leaves only webmail as a solution for checking much email and is a poor substitute.
  • IM is another core internet functionality. Through Nokia’s partnership with Google, we have an excellent XMPP client. I understand a new beta is in progress to replace the IM module and this is promising. The only thing I could in fact wish for is that the functionality is better exposed.
  • Cryptic error messages are a standard feature of Linux and many other Unix-derived systems (Mac OS X is the sole outlier I can think of). By and large, the only way this sort of boondoggle will ever be pushed out of existence is slow maturity of the code base and an expansion of the user base to include the less technically minded. However, cryptic error messages should rarely be encountered in a new, out of the box system, and updating something that is shipped with the OS should not result in an error that suggests the update comes from another source. It simply should not.
  • One pet peeve of mine is the non-existence of a clock in the tray on Maemo. I understand that there are space limitations with the system tray, but there are space limitations on almost every single thing when it comes to portable devices. If nothing else, Nokia should have at least stepped up to the bat to offer an official system clock that can be downloaded and installed. Better yet, the tray applet should come installed. It’s 2008. For the last 30+ years, there have been clocks visible somewhere on the desktop or other. It’s expected. It’s a hassle to have to switch back to the desktop or home screen. It needs to be fixed. End of story.
  • Faster response times. While there have been some intelligent suggestions of late by programmers more familiar with programming native code on Maemo than I, I find it weird that the system is significantly non-responsive and sluggish immediately after startup. The web browser, for reasons I’m not entirely clear on, insists on “Updating” something at every startup. The file manager will take its sweet time parsing things before it opens. OS 2008 is a speed demon compared to OS2007, but that’s also because the processor is running over 20% faster. When you factor this out, the times are roughly comparable between a fresh OS 2007 boot and a fresh OS 2008 boot. More optimization is necessary, as is better control over threads by users. The ability to terminate a rogue thread immediately is the key to a stable and responsive operating system. We can do it in Windows – the operating system the least technically inclined people use. There’s no reason to believe that it shouldn’t be entrusted to the power users of the N800.
  • Java. It’s incredible. It really is. It’s one of the most used programming languages on the planet. There is a greater demand today for Java programmers than any other language, except, possibly C#. Given Java is now open, and ARM ports exist for it, I’m unsure why there isn’t a Java VM on the Maemo platform. Or at the very least, a JavaME-class VM that can be pulled from Nokia’s other operating divisions.
  • Finally, there needs to be a solid repository of software that is verified by Nokia to work with the internet tablet and easily available to every user. Every other serious Linux distribution includes such repositories through apt, rpm and their derivatives. There’s no reason that Nokia does not do so except to shield itself from liability. That’s fine and well, but (a) it’s a lot harder to break a Unix-derivative than any other OS on the planet; and, (b) they have resources unheard of in the open source world. I would argue that Nokia’s reluctance to offer such applications except through a partner program (where I’m sure vast amounts of money are involved) hurts Maemo’s easy expandability. By all means, Nokia can disclaim responsibility if something goes wrong and make sure that even their American legal department approves it; but to not do so is to severely limit the growth of the platform as a serious contender on the Linux stage. I know there’s a list of repos on Maemo.org – but that’s not even close to enough. Make a best of breed program that can not only be showcased as it is on Tableteer, but something that is widely available and indicated on the tablet. I have to go seeking such programs; they should invest the time in bringing the programs to us.

I know this sounds like a list of whines. It isn’t. It’s the realization that I’ve had as I’ve started using other platforms that there are good things and bad things about how platforms are put together, and there really isn’t enough crosstalk to learn from each other’s experiences. I’m not asking for the iPhone’s interface, which I’ve loved so far, but I am asking that the Maemo platform and its supporters step up and make Maemo a serious and complete distribution for its intended market. Not including a PIM can be explained away, but not including a clock or a working IMAP email client out of the box seems downright petulant.



Morning PSA: I’m not a savant.

29 02 2008

Good morning!

You may have noticed that I speak here and elsewhere about how my needs are served by lesser machines or lesser demands. For example, I’ve come around to the conclusion that everything I need to do on the go, I can do with an S40 phone and a good camera.

Or that Windows no longer serves my needs. Or that I can live with integrated graphics. Or that I am happy living further away from downtown DC. Or that I am a cat person.

Notice the operating pronoun here: I.

Yes, that pesky thing, the personal pronoun. Could be so many other people. Could be me. Could be myself. Could be Irene I.

So consider the following exchange between myself and a member of the illuminated internet users association:

I’m slowly coming around to the idea that I don’t need the S60 phone and considering going back to an S40. Just the speed of the phone alone makes it worthwhile.

There’s literally nothing I can’t get on the S40 that I can on the S60, except – and this is a big except – a QR-code reader. Perhaps my next phone will be an 8×00 phone.

To which I get this enlightened reply:

“There’s literally nothing I can’t get on the S40 that I can on the S60” — I’m sure you meant nothing YOU use, because there’s TONS of things you can get on S60 and not on S40.

Ah, yes. The internet troll. It has arrived to comment without reading.

For future reference – if you arrive to troll or to comment without reading because someone else told you to do so, please take your agenda elsewhere. People like you are why I stopped commenting on Slashdot and spend most of my time downvoting trolls there. It’s why I don’t read Digg or Drudge Report any longer. Fact is, really, if you have an opinion without reading, I’m going to laugh at you and be less likely to take you seriously. Take a hint from these people who not only backed up their positions, they read what I said, even though they disagreed.

Congratulations Razor1973 – you have won one internets for your insightful remark.

Web 2.0: speeding up how fast you can get flamed by people who don’t read your comment.

(Now watch the trolls line up to protest without reading.)



Back in a Bit

9 01 2008

I’m completely and utterly overwhelmed with a few things, including the news from CES. Fortunately, the madness ends in a couple of days (January 10th, to be precise for CES) and so I’ll continue then. Sorry if you were looking forward to something right now…