Open for business!

Today marks the launch of, my new business website. I’ve decided to become a security consultant, specializing in WordPress security, because it’s plain to me that there are a lot of individuals, businesses, nonprofits, and groups out there who need someone to be able to advise and assist them with locking up their websites and implementing best practices.

I’ve always been a believer in the mantra, do what you love… and I love helping people stay safe. More and more societal interaction and commerce is taking place in the digital realm, and while that presents opportunities for collaboration and networking that weren’t possible before, it also comes with downsides.

We are not doing enough to protect and safeguard our digital domains, perhaps because the Internet is still a new medium and changing rapidly. However, there are parallels between cyberspace and the physical space we inhabit. For example, a website is analogous to a house, usernames and passwords are like keys, and emails are analogous to sensitive documents carried around in a briefcase.

Most of us would never leave our home unlocked and unprotected… we take reasonable precautions to guard against theft of our personal property and real estate. A website is no different than a house. It needs to be cared for, looked after, maintained, adequately secured.

Out of the box, WordPress is simply not secure. It’s like a brand new house that is structurally complete, with plumbing and electrical systems installed, but without improvements that would make it more secure, like a reinforced door, a guard dog, dowels in the sliding doors, or an alarm system. WordPress can be made secure, though, and a top objective of my practice will be helping clients lock up their WordPress sites so they can greatly reduce the likelihood of being compromised.

I’m looking forward to beginning this journey and seeing where it takes me. If you’re interested in hiring me, please don’t hesitate to get in touch.

Force Kubuntu to let you install new login themes

Problem: You’re tired of the default Kubuntu login theme and want to install a new one. But when you try to add new themes by going to System Settings > Login Screen (under the category System Administration) > Theme, nothing happens.

Cause: A flaw in KDE

Solution: Open Konsole and type:

kdesudo kcmshell4 kdm

This will open the Login Screen module, but as root. Now try installing a login theme. You should be able to see the newly installed theme in the list once you install, and be able to specify it as the default.

Help Thunderbird display emoticons in messages sent from Microsoft Outlook

Problem: Mozilla Thunderbird (running on a GNU/Linux machine) doesn’t display emoticons in messages that were sent using Microsoft Outlook. Instead, emoticons appear as the letter “J”.

Cause: Microsoft’s lack of concern for web and email standards

Solution: Install the “Wingdings” font so that Thunderbird can actually render the emoticons. On the latest versions of Ubuntu, this is as simple as clicking on the wingding.ttf file and then clicking Install. You can get Wingdings from your Windows computer. Just go to C:\Windows\Fonts and look for wingding.ttf. It should be near the end. Copy this file to your GNU/Linux machine and install it. Next time you start Thunderbird, you should be able to see emoticons in any message sent by a friend using Microsoft Outlook.

What to do when GParted crashes on your Live CD

Problem: GParted crashes while starting up when launched from the Ubuntu 10.10 Maverick Meerkat Live CD, or from a Maverick USB installation. Restarting the computer and beginning another live session fails to help matters.

Solution: There’s actually a pretty simple solution for this very annoying problem: Upgrade GParted. A user dealing with this problem could, of course, fall back on an older Live CD with an older version of GParted. But older versions may run into “unknown errors” if a newer version of GParted has been used to configure a drive. Furthermore, it makes sense to just grab the latest and greatest version.

If you’re running Maverick on a USB stick, just open a terminal and type:

sudo apt-get install gparted

Ubuntu will upgrade GParted. Next time you try to start it, it should come up okay and not crash.

If you’re running a live session from a CD or DVD, use the disc to make a USB stick that can save data. Then upgrade GParted using the command above.

What to do when Flash audio stops working on Ubuntu/Kubuntu

The situation: You’re trying to watch a Flash movie in Firefox and you can see video just fine, but the audio is stuttering like a broken record, making it impossible to hear the sound. Audio does not stutter in non-Flash applications. You have the latest version of Flash from the Ubuntu repositories.

What’s going on? This appears to be a bug that many Ubuntu/Kubuntu users are experiencing. It looks like it’s a glitch with Flash. Messing around with your sound architecture is unlikely to help matters, so don’t do that.

Solution: There is a fairly simple workaround. Go to Tools > Add-ons. Select “Plugins”. Disable your Flash plugin. Restart Firefox. Then, go back to Add-ons and enable the plugin. Try playing a Flash video again and see if the audio works. Repeat this workaround if the problem occurs again.

In some (but not all) other browsers, this problem can be alleviated by simply restarting the browser.

Comment: If you’ve found this post, I hope the above troubleshooting advice helps. I can’t wait for the day when proprietary software is no longer required to view video on the Web. Flash sucks. The advent of HTML5 will hopefully make Flash problems irrelevant and a thing of the past.

Recovering a lost blog post: What to do when you’ve tried everything

The situation: You’ve just spent the last few hours writing a post for your blog or newsletter, using the editor built into your blogging or mailing platform, which you access inside of a web browser. You go to hit Publish, and you get prompted to login (because it auto-logged you out for some reason). Or you see an error message, maybe something like, We’re sorry, we couldn’t process your request. Or you see a blank web page.

You login again (or go back) and discover that all that’s left of your blog post or newsletter is an incomplete fragment…. or worse, nothing! You curse your blogging tool and wonder if there is anything you can do to retrieve your lost draft.

As it so happens, there is.

The solution: Assuming your data is not saved in a cookie or in a cache file, and can’t be retrieved using a tool like Lazarus Form Recovery (which you MUST install if you are a Firefox or Chromium user, after you are done following the steps outlined below), your only recourse is to dump the browser’s memory and search for the draft.

I have successfully recovered a draft using this method (which was pioneered by Thomas Strömberg) more than once, either when Lazarus failed me, or I was running a browser that did not have Lazarus installed. So can you… but only if you are capable of reading carefully and following directions!

This tutorial assumes you are running Windows, because that’s the operating system most people have on their desktop or laptop.

Prerequisite: For this method to work, the browser you were/are working in needs to be kept open and undisturbed. Do NOT close your browser and do NOT close the browser tab your data was lost in! Leave it open. Don’t touch it. Open a different browser and proceed with these instructions in that browser.

Ready? Let’s go!

  1. Determine whether the browser you were working in is multi-process or single-process. If it was Internet Explorer 8 or Chromium (i.e. the spyware-infested Google Chrome – yuck, or ChromePlus – free of Google’s spyware), then the browser is multi-process. If it was Firefox or a previous version of Internet Explorer, the browser is single-process. If you use some other browser, search for the answer on Bing.
  2. If you use a single-process browser, proceed to the next step. If you were using a multi-process browser like IE8, maximize that browser now and begin counting how many tabs are currently open, beginning at left. Stop counting when you get to the tab you were working in, where your draft was eaten. Write this number down.
  3. Next you need to download two tools: pmdump and strings. These tools will permit you to dump the browser’s memory into a text file for examination so you can look for the contents of that lost draft. Go here to download pmdump. Then, go here to download the Sysinternals strings utility. Download these files to your Desktop.
  4. Click the Start button. Choose “Run” and type “cmd”, then hit Enter. (Vista/Win7 users: Just type “cmd” into your search box and hit Enter).
  5. A black screen will appear and will display a copyright message, then it will show a command prompt, like this: C:\Documents and Settings\Your Username>
  6. Navigate to the folder where you downloaded pmdump and strings (should be Desktop), by typing the following and hitting Enter:
    • cd Desktop
  7. Now it should say C:\Documents and Settings\Your Username\Desktop> Type the following and hit Enter:
    • pmdump -list
  8. You should see a list of currently running processes ending in .exe with numbers to the left of them.
  9. Now it’s time to dump the memory. First, however, we have to narrow down which process contains that lost draft. (If you were using a single-process browser, skip to the next step). To do this, we’ll isolate all processes related to the browser. So, for instance:
    • pmdump -list | find "chrome" OR
    • pmdump -list | find "iexplore"

    Once you have executed this command (again, by hitting Enter), you’ll see a smaller list of processes. They will all have the same name, but different numbers preceding them. Start counting the number of processes, beginning at the top of the list. When you reach the number you wrote down earlier (of the tab you were working in), stop.

  10. Now write down the four-digit number of the line you’re on.
  11. To dump, type the following and hit enter, where “XXXX” is replaced by the number of the browser process. This command may take some time to run. Let it finish.
    • pmdump XXXX recoverdraft.dmp
  12. Now you’ll get rid of all the non-text data from the memory dump you just made using the strings utility. Type the following, hit Enter, and then be patient while it finishes:
      strings recoverdraft.dmp > recoverdraft.txt
  13. Leave the command prompt window open.
  14. In the folder where you downloaded pmdump and strings, you should now see recoverdraft.dmp and recoverdraft.txt. Right click on recoverdraft.txt and choose Open With > WordPad. The file may take a while to open, so be patient. If you were using Firefox and had many tabs open, the file will be huge.
  15. When the file finishes loading (assuming WordPad doesn’t crash) hit Ctrl+F to open the search box. Type a unique phrase from your draft and hit enter. If all goes well, you’ll stumble across decently-sized fragments of your draft, or maybe even the draft in its near entirety. If you find nothing, try another phrase, and then another.
  16. If you don’t find any fragments at all after several tries, it could be that you dumped the wrong process. Go back to the command prompt window and verify which process you dumped.
  17. If you miscounted, dump the correct process.
  18. For multi-process browser users: If you didn’t miscount and suspect the list of processes top-to-bottom does not correlate with the tabs open in your browser left-to-right, try dumping and running strings on each one of them. Obviously, this could be time consuming, but trial and error usually is!

Ideally, after following the steps above, you’ll succeed in recovering most or all of your lost draft. If your draft has been separated into a great many fragments, piecing it all back together will be tough. You are more likely to encounter fragments if you were switching back and forth between writing and doing something else (like researching) while you were composing the draft. If all you were doing was typing your post or newsletter for an uninterrupted bloc of time, you are likely to find your draft mostly intact.
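Steps 12 to 15 can also be done without opening a huge text file in WordPad. The script below is an added example, not part of the original post or of pmdump/strings: it searches the dump directly for a phrase in both 8-bit and UTF-16LE form and returns the readable text around each hit. The function names and the sample dump are constructed for illustration.

```python
import mmap
import tempfile
from pathlib import Path

MAX_SPAN = 32 * 1024  # assumption: grow a fragment at most this many bytes each way


def _ok8(b):
    """Byte plausible in ASCII/UTF-8 prose: tab, LF, CR, printable ASCII, UTF-8 high bytes."""
    return b in (9, 10, 13) or 0x20 <= b <= 0x7E or b >= 0x80


def _ok16(unit):
    """UTF-16 code unit plausible in prose: whitespace, ASCII, Latin-1 up to U+24FF."""
    return unit in (9, 10, 13) or 0x20 <= unit <= 0x7E or 0xA0 <= unit <= 0x24FF


def _grow(buf, start, end, width):
    """Extend [start, end) outwards while the neighbouring characters look like text."""
    ok = _ok8 if width == 1 else _ok16
    low, high = max(0, start - MAX_SPAN), min(len(buf), end + MAX_SPAN)
    while start - width >= low and ok(int.from_bytes(buf[start - width:start], "little")):
        start -= width
    while end + width <= high and ok(int.from_bytes(buf[end:end + width], "little")):
        end += width
    return start, end


def find_fragments(dump_path, phrase):
    """Return sorted (offset, codec, text) for each distinct fragment containing phrase."""
    if not phrase:
        raise ValueError("phrase must not be empty")
    path = Path(dump_path)
    if path.stat().st_size == 0:  # mmap cannot map an empty file
        return []
    found, seen = [], set()
    with path.open("rb") as fh, mmap.mmap(fh.fileno(), 0, access=mmap.ACCESS_READ) as buf:
        # Windows programs keep text as 8-bit or as UTF-16LE, so look for both encodings.
        for codec, width in (("utf-8", 1), ("utf-16-le", 2)):
            needle = phrase.encode(codec)
            pos = buf.find(needle)
            while pos != -1:
                start, end = _grow(buf, pos, pos + len(needle), width)
                text = buf[start:end].decode(codec, errors="replace").strip()
                if text not in seen:  # memory usually holds many identical copies
                    seen.add(text)
                    found.append((start, codec, text))
                pos = buf.find(needle, end)
    return sorted(found)


def demo():
    """Run the search over a constructed stand-in for recoverdraft.dmp."""
    first = "My lost draft: the quick brown fox jumps over the lazy dog."
    second = "Earlier revision \u2013 the quick brown fox doesn\u2019t jump."
    blob = (b"\x00\x01\x02\x00" + first.encode("ascii") + b"\x00\x03\x04\x00\x00"
            + second.encode("utf-16-le") + b"\x00\x00\x05")
    with tempfile.TemporaryDirectory() as tmp:
        dump = Path(tmp) / "recoverdraft.dmp"
        dump.write_bytes(blob)
        return find_fragments(dump, "quick brown fox")


if __name__ == "__main__":
    for offset, codec, text in demo():
        print(f"0x{offset:08x} [{codec}] {text}")
```

The match is case-sensitive, so search for a phrase exactly as you typed it. The .dmp and .txt files hold everything the browser had in memory, which can include passwords and session cookies from other tabs, so delete them once the draft is recovered.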

You can close your browser and the command prompt after you are all done, and have successfully recovered your draft… or given up 🙁

In the future, save yourself a lot of time by installing Lazarus Form Recovery. This add-on is available for Firefox and Chromium (if you want to use Chromium, I recommend ChromePlus, not the spyware-infested Google Chrome).

Lazarus securely saves all the data you type into forms, so in the event of a crash, disconnection, or other mishap, you can get your input back with just a couple clicks. Lazarus works more reliably in Firefox. It may not save your bacon if you’re a Chromium user, because it is still in early development.

Remove Google Analytics from OpenVBX

If you’ve installed OpenVBX on your server to provide an administrative backend for your virtual phone system, then you may have noticed that Twilio, Inc. – the company that released OpenVBX – has slipped a Google Analytics tracking script into the package’s source code. I consider this unethical, because they don’t state upfront that they’ve done this. They can embed Google Analytics in their own website if they want, but it’s wrong of them to put it in the software that they’re distributing.

Essentially what Twilio is doing is spying on their customers without their consent. That Google Analytics tracking script is sending information to their Google Analytics account, by default!

I make a point of avoiding doing business with Google because Google is obsessed with destroying the whole idea of user privacy, which is sacred to me. I pay good money for full-fledged webhosting partly so I don’t have to rely on any of Google’s products.

So naturally, when I discovered that there was a Google Analytics tracking script hidden inside of OpenVBX, I wasn’t happy. I set about removing the tracking code as soon as I had a spare moment. If you’d like to do the same, here’s what you do:

  1. In the shell (or your FTP client) navigate to where you have OpenVBX installed, i.e. /home/user/
  2. In your OpenVBX installation, there will be a folder called OpenVBX. You want to navigate into this folder, then “views”, then “layout”. (Example path: /home/user/
  3. Navigate into the content subfolder. You’ll see a file called analytics.php. Open this file. Replace the entire contents with <!-- --> or, alternatively, tracking code provided by your Piwik installation. (Piwik is the open source alternative to Google Analytics, which you can run on your own server).
  4. Save the file. Now navigate back up to the “layout” folder and into the “flow-editor” folder. Again, you’ll see a file called analytics.php. Repeat the last step with this file.
  5. Save and you’re all done.

You have just removed Google Analytics from your OpenVBX installation. Privacy assured!
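To confirm that both analytics.php files were actually replaced, and that no other view file still loads the tracker, the views folder can be scanned for Google Analytics identifiers. This is an added example, not code from OpenVBX or the original post; the marker list, function names and the sample tracking snippet (with a placeholder property ID) are constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

# Identifiers that appear in Google Analytics embed code (urchin.js / ga.js / analytics.js).
GA_MARKERS = re.compile(
    r"google-analytics\.com|\b_gaq\b|\b_gat\b|urchinTracker|\bUA-\d{4,10}-\d{1,4}\b",
    re.IGNORECASE,
)
SCANNED = {".php", ".html", ".htm", ".js"}  # assumption: file types worth checking


def audit_views(views_dir):
    """Return (relative path, line number, line) for every line that still references GA."""
    root = Path(views_dir)
    hits = []
    for path in sorted(root.rglob("*")):
        if not path.is_file() or path.suffix.lower() not in SCANNED:
            continue
        text = path.read_text(encoding="utf-8", errors="replace")
        for number, line in enumerate(text.splitlines(), 1):
            if GA_MARKERS.search(line):
                hits.append((path.relative_to(root).as_posix(), number, line.strip()))
    return hits


def demo():
    """Audit a constructed copy of the two folders named in the steps above."""
    snippet = "\n".join([
        '<script type="text/javascript">',
        "var _gaq = _gaq || [];",
        "_gaq.push(['_setAccount', 'UA-0000000-0']);",  # placeholder property ID
        "var ga = document.createElement('script');",
        "ga.src = 'http://www.google-analytics.com/ga.js';",
        "</script>",
    ])
    with tempfile.TemporaryDirectory() as tmp:
        layout = Path(tmp) / "views" / "layout"
        # "content" has been cleaned as in step 3; "flow-editor" was forgotten.
        for folder, body in (("content", "<!-- -->\n"), ("flow-editor", snippet)):
            (layout / folder).mkdir(parents=True)
            (layout / folder / "analytics.php").write_text(body, encoding="utf-8")
        return audit_views(Path(tmp) / "views")


if __name__ == "__main__":
    for rel, number, line in demo():
        print(f"{rel}:{number}: {line}")
```

An empty result from `audit_views` on your own views folder means none of the listed markers remain in the scanned file types.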

Bluetooth to the rescue

As anyone who has spent enough time with electronics knows, computers and mobile phones are delicate, fragile devices that are prone to malfunctioning or breaking. And often it takes just the loss of one essential component to render an entire device useless.

That’s what happened to me at the beginning of the month when I discovered, to my chagrin, that my BlackBerry would no longer charge when it was plugged in. I took the phone to the Verizon Store to find out what was wrong with it. Lo and behold, the USB port that allows the phone to charge and exchange data with other devices was broken. The only way to get it fixed, according to the Verizon employee I talked to, was to replace the whole phone.

Fortunately, the phone was still under warranty, so I was offered a free replacement. Taking the replacement, however, would have meant surrendering my old BlackBerry to Verizon, along with all of my settings, messages, and other data which I didn’t want to lose.

I ended up declining the replacement initially, so that I could figure out a way to back up my BlackBerry’s data first. I knew I could use my micro SD card to transfer off the pictures and music that were on the phone, but wasn’t sure how to save anything else. Neither were the unimaginative folks at the Verizon Store…  they had no ideas or suggestions to give me. The most they could offer was to simply go ahead and replace my phone.

I decided to leave my phone at the store so I could at least get the battery charged (it was almost completely dead when I brought the phone in).

When I got home I started researching the problem. I soon found a potential solution while browsing the CrackBerry forums. It turns out that BlackBerries can be backed up wirelessly using Bluetooth – no cables required. It sounded like Bluetooth could come to my rescue.

So I headed back to the Verizon Store. On my way there I stopped at Best Buy to purchase a Bluetooth desktop adapter for my notebook computer, which doesn’t have one built in. I had misgivings about going to Best Buy but didn’t want to drive all the way to Fry’s in Renton to get what I needed.

Turns out I should have.

The “Rocketfish” Bluetooth adapter I got from Best Buy refused to work, even after I had installed the drivers. I kept getting an error message telling me “Bluetooth license check failed. Please make sure that the bluetooth device you are using is licensed”.

As a result, I was unable to connect to my phone to back it up. But at least I was able to take my phone home with me, freshly charged, to keep trying. Unfortunately, I couldn’t get the Rocketfish adapter to work (Rocketfish, incidentally, is one of Best Buy’s house brands. Figures).

So the next morning, I returned it to Best Buy and did what I should have done in the first place: go to Fry’s.

At Fry’s I found a Belkin adapter that was less expensive than the Rocketfish adapter, and better supported. (The Rocketfish website is awful, there’s almost nothing there. No drivers, no real support).

I installed the Belkin adapter successfully but was unable to connect my BlackBerry. I returned to CrackBerry to find out why and found out that BlackBerry Desktop Manager only works with the native Windows drivers. I followed the instructions to register the Belkin adapter with Windows and then uninstalled the third party Broadcom drivers.

When I restarted my computer, the Found New Hardware screen came up. This situation wasn’t addressed in the CrackBerry instructions so I wasn’t sure what to do. I chose Install from a list or specific location (Advanced) and clicked Next. At the next screen I decided to try Option Number Three: Don’t search. I will choose the driver to install. I clicked Next.

To my amazement, Windows detected its own drivers and promptly finished the hardware configuration correctly.

I set my BlackBerry to listen for a Bluetooth connection and initiated the Add Device wizard in Windows. Sure enough, it came up. After creating a passkey, I was able to successfully connect. I then opened BlackBerry Desktop Manager. Thankfully, the Bluetooth options in the Connection Type selector were no longer grayed out. I checked the boxes to use Bluetooth and then Yes when the Desktop Manager asked me if I wanted to connect now.

Then, at long last, I was able to back up my BlackBerry.

Less than forty-eight hours later, I had restored the backup onto the new replacement BlackBerry, plugged in my micro SD card, and I was back in business, with all my data intact. That is, except for applications, which I quickly was able to reload with the help of App World. And I now have a charging cradle to further reduce the wear and tear on my BlackBerry’s USB port. (It charges the battery via the gold contacts on the bottom of the phone).

Moral of the story: Just because someone tells you something is hopeless doesn’t mean it really is. I was able to save my data and save myself from a lot of trouble because I was persistent.

Safari for Windows: it just doesn’t work

When Apple announced it would offer Safari for Windows last June, I was curious to see how the browser would compare to Mozilla Firefox and Internet Explorer…so I downloaded it and tried it out. I was quite surprised to find that the browser functioned like an alpha product. It was buggy, slow, and extremely unpleasant to use. I related this experience to a friend of mine who practically worships Apple (yet chooses to live in Microsoft’s backyard), and I was assured Safari would improve, because it was just the first public beta.

Well, almost seven months later, Safari for Windows is still in “beta” (version 3.04) and it’s just as horrible as the day I first tried it. It boots up slowly, stupidly attempts to mimic the font rendering of its Mac OS X brother, has trouble processing Javascript and can’t open files in protected folders. (It will return the error Safari can’t connect to the server). Apple boasts on its website that Safari is “the fastest web browser on any platform” stating specifically:

Safari loads pages up to 2 times faster than Internet Explorer 7 and up to 1.7 times faster than Firefox 2.

And it executes JavaScript up to 3 times faster than Internet Explorer 7 and up to 2 times faster than Firefox 2. What does all that mean for you? Less time loading pages and more time enjoying them.

This is completely bogus. On my Windows XP SP2 machine, Safari struggles just to render web pages, let alone attempt to best Firefox, Opera, or IE in a speed competition. And it fails to execute Javascript consistently. It’s not in the same ballpark as the many mature browsers available for Windows.

I don’t know how Apple achieved the results it brags about in its own testing environment. Maybe there’s something on my machine that’s interfering with Safari, but I keep my system in good order, and other non-Microsoft browsers (Opera, Firefox) work well. But regardless, Safari’s performance in an Apple testing environment is a useless benchmark for end users. What matters is how well the browser works for the user, and that’s not the measurement the company is using in its marketing.

Even if Safari is improved, I doubt users of other browsers will switch to it. There’s no reason for them to do so. As far as I’m concerned, Mozilla Firefox remains the best browser available – for Windows, Mac, or Linux.

HP MediaSmart Server software and support far from stellar

A couple of weeks ago, after waiting nearly a month, I finally took delivery of HP’s MediaSmart ex475 Server, which I’ve been wanting to try out ever since I heard about it in early 2007.

The system, which is based on Microsoft’s Windows Home Server, comes with a terabyte of storage, a 1.8 GHz processor (an AMD Sempron 64 bit) and 512 MB of RAM. While I’ve found the product to be very useful (centralized data storage, automatic backups, cool add-ins) HP’s software and support has left a lot to be desired.

I had reasonable expectations for the product, and I’ve been mostly happy with it.

What I did not expect, however, was that I would encounter a major error after using the product for only fourteen days.

This morning, while logging in to my Windows Home Server, I was greeted by this error:

Input string was not in a correct format. At system.Number.StringToNumber(String st, NumberStyles options, NumberBuffer & number,, Boolean parseDecimal)
At System.Number.ParseInt64(String value, NumberStyles options, NumberFormatInto numfmt)
At HPConfiguration.IniFile.GetLong(String key, Int64 defaultVal)
At MediaSmartUpdate.MediaSmartUpdate.GetiniConfig()
At MediaSmartUpdate.MediaSmartUpdater.GetSettingsValues()
At Microsoft.HomeServer.HomeServerConsoleTab.HPSU. HomeServerSettingsExtender.initializeMembers(IConsoleServices.svc)

The console loaded after I clicked okay, but under “HP MediaSmart Software Updates”, where I’ve previously seen the date of the last update, there were instead six Xs:

[Image: MediaSmart Server - HP Update Blanks]

It seems the error is a malfunction in HP’s own software, which essentially runs on top of the Windows Home Server platform. The problem doesn’t seem to be affecting the performance of the operating system, fortunately, but it is certainly annoying.

Thinking I should report the problem, I went to the ex475’s support page, and was surprised to find that email and live chat support for the MediaSmart server are not available:

E-mail HP

Support E-mail not available
» E-mail questions before you buy

So I called HP instead – the only provided option for contacting the company in regards to the ex475. The representative that I spoke with had not heard of the problem, and all he could suggest was doing a server recovery, which would result in losing operating system settings, including user accounts. I suggested that HP take the opportunity to investigate the problem, and he fortunately saw the wisdom in that, so I have sent a copy of the error message to HP.

It’s frustrating, though, that HP’s bundled software should just abruptly stop working. I certainly appreciate not having any bloatware on the system (trial offers, third party products, and the like) but why not just ship a clean version of Windows Home Server on a compact and sleek package of hardware, and let customers download the optional extras (like iTunes synchronization across home PCs, or the photo Webshare) only if they want them?

(There are great alternatives to HP’s offerings – if I want to easily share photos, for example, I could install the Windows Home Server Flickr synchronization plugin, and not bother with the Webshare).

My call to HP was the second time I had called the company about the ex475. The first time I called, I was curious to see if HP could tell me how to get into the desktop of my home server. (The ex475 doesn’t come with any peripherals, and the provided console software doesn’t have any kind of shortcut for desktop access).

After going through two people, including what sounded like someone at an outsourced Indian call center, I was told by the third that my simple question was “outside of his support boundary” and that if I wanted an answer, I would have to pay to talk to a product support specialist. Incredulously, I said no thanks. I managed to configure my router to support a Remote Desktop connection to the server on my own. I was able to run the .exe installer for Avast! Windows Home Server edition. (As far as I know, Avast! is the only vendor to be offering a security solution specifically for WHS).

There was of course nothing in the product’s manual that relates to the error I saw, although when I was flipping through, I noticed that HP had failed to properly proof the document before sending it to the printer. Take a look at this excerpt, Table 15 from the “Troubleshooting Tips for DRM” section of the manual:

Question/Issue: Why can I play and stream DRM content [from] my home computer but I can not stream it from my HP MediaSmart Server?

Answer/Resolution: The HP MediaSmart Server includes a media server for streaming iTunes music to PCs running iTunes through[out] the hous. See the section in the User’s Guide on iTunes.

For Windows Media DRM (WMDRM) content (protected .wma music and .wmv videos) the HP MediaSmart server does not support streaming of this content to DMAs at this time [do we want the “at this time”? we will support it after the February update; should we say that?]. Playing (and streaming) of WMDRM protected content requires that the device that is playing the content have a license for that content. When you downloaded the content to your PC, you also received a license to play that content on the PC. If you copy the files to the HP MediaSmart Server, you cannot copy or transfer the license to the server. The server must obtain its own license, and we do not provide for this feature in the current product.

As you can see from the bolded sentence in brackets above – which appears verbatim in the table! – somebody at HP forgot to remove a comment from the draft out of the copy that was sent to the printer. Oops. Pretty funny, too.

Perhaps more importantly, the paragraph above shows one of the fundamental flaws of digital restrictions management (DRM) – crippling a user’s freedom to move and back up their own legally acquired content (like a music library). HP’s MediaSmart Server cannot (yet) play or stream .wmas for people who have faithfully followed the encouragement of Microsoft and the RIAA and paid money for crippled digital music. You’re punished if you do what the record industry executives want you to do…funny how that works. I’m glad my music is DRM free.

Bottom line: if you’re thinking about spending several hundred bucks on a MediaSmart server, you might want to consider another product preinstalled with the Windows Home Server OS, because HP’s MediaSmart Server software and its technical support have a good likelihood of giving you a headache, unless you’re really patient and enjoy solving computer problems.