Hashemian Blog
Web, Finance, Technology, Running

Why I Voted Obama Today

by @ 12:01 am
Filed under: politics

I am an independent in just about all facets of my life, including in my political choices. It's a simple belief that not one party is right or wrong all the time and either side can produce good or bad candidates.

While many have supported or opposed Obama because of his economic policies, my vote went to the person that would be less likely to start a war. Having subsidized (through tax payments) one unjust war, my conscience could not bear the responsibility of financing another. Under Obama I may pay higher taxes, I may subsidize the poor, or I may pay more to heat my house, but for me the stakes were much higher. The risk of contributing to the demise of more innocent lives was much greater under a McCain administration.

The Iraq war was based on fabricated evidence. We went to Afghanistan to capture a terrorist mastermind, but somewhere along the way we were railroaded into another war that was anything but rightfully justified. The terrorists who committed the 9/11 atrocities were Saudi Arabians, financed by a Saudi. They were trained in Afghanistan. Most transited through Europe and they got their flight lessons in the US. There was no connection to Iraq and no weapons of mass destruction were ever found there.

In the ensuing years American forces and Iraqi citizens have sustained heavy losses. For what? Bin Laden and most of his cronies are still at large, while the architects of the Iraq war (Bush, Cheney, Rumsfeld, Wolfowitz) gloated over the capture and hanging of Saddam Hussein. Yes, he was a brutal dictator but also a one time pal, armed to the teeth by the same powers that eliminated him.

Reminds me of the song "Fortunate Son" by Creedence Clearwater Revival:

Some folks inherit star spangled eyes,
Ooh, they send you down to war, lord,
And when you ask them, how much should we give?
Ooh, they only answer more! more! more!

Well, today I decided not to give them any more!

,,,,,,

ASP.NET Denial of Service

by @ 11:41 pm
Filed under: microsoft,web

How to send your IIS server into a frenzy with one line of HTML code? I didn't think it was possible until a few days ago we were stung with a persistent denial of service at work. This is what the event log showed on every instance of outage:


Event Type: Warning
Event Source: W3SVC-WP
Event Category: None
Event ID: 2262
Date: 10/23/2008
Time: 8:32:51 PM
User: N/A
Computer: WEB
Description:
ISAPI
'C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\aspnet_isapi.dll'
reported itself as unhealthy for the following reason:
'Deadlock detected'.

I have always been frustrated with IIS event logs and there's one proof of that. OK, I know there was a problem, but can this be more specific? which process? which application pool? Which page? This is hardly helpful. I believe new Failed Request Tracing feature in IIS7 was designed to help with just that. Countless debugging hours would be saved if one could quickly identify a misbehaving page. Googling this entry lead me to the http://support.microsoft.com/kb/821268 KB article and that sent me on a wrong path for some time before realizing that I was on a fruitless chase.

Finally, After 6 hours of struggling with the server (Window Server 2003, IIS6, CLR 2, FCL 3.5) and slicing and dicing and moving various applications to different pools, I found the offending ASPX pages. It didn't take long for my colleagues to discover an HTML anomaly in those files. And here it is in a generic format:

<p param1="" param2="" param3="" param4="" param5="" 
param6="" param7="" param8="" param9="" param10="" param11=""
param12="" param13="" param14="" param15="" param16="" param17=""
param18="" param19="" param20="" param21="" param22="" param23=""
param24="" param25.="" />

Notice that last parameter with a trailing period (.)? that's the culprit right there, an HTML tag with a long list of attributes and a punctuation mark in one or more of the ending parameters. It had crept into our pages via a poorly made web editing product.

To test for yourself, just drop the line into an ASPX file and browse to the page and watch the CPU crank up and eventually the server refuse to serve pages. Remove the period or reduce the parameters and the page will display fine. I know, seems hard to believe. I didn't believe it either at first. But the results were the same on IIS6 and IIS7 on various platforms.

My hunch is that this tag throws the ASP.NET engine into a regular expressions frenzy as it tries to construct the page elements and compile the page into a DLL application. Now this HTML syntax might look weird but I don't think it's illegal and it certainly shouldn't cause a denial of service. Certainly IIS or browsers have no issue with HTML files containing such tags.

While at first I had feared serious security risks, this issue has a limited risk factor. In order for an attacker to exploit this issue, he would need access to the page sources. It's not something that can be injected in or remotely scripted into the page. Of course someone with a shared hosting service, could potentially take down the entire server and all the sites along with it.

So if you run into such a problem on your IIS web site, you might want to check your source files for these types of HTML tags. And by the way, Microsoft has already been advised of this issue and they have indicated a fix will be incorporated in the next ASP.NET release.

,,,,,,,

Certified U.S. Based Technicians

by @ 9:53 pm
Filed under: business,technology

Certified U.S. Based TechniciansHere is an interesting banner ad from AT&T I saw tonight while browsing a news site. I'm not sure what the certification process for U.S. based technicians is, but the ad addresses the angst Americans have had dealing with representatives with thick accents, unfriendly attitudes, or low qualifications.

Personally, my experience with foreign agents hasn't been too calamitous. Most have been helpful, and relatively articulate. But I must admit that for those times when I need critical and immediate help, there is no substitute for state-side assistance.

Being an Iranian expat, I know something about foreign cultures and I can say that with some exceptions, U.S. companies offer some of the best customer service around. Not to disparage Iran, but over there you have a snow ball's chance in hell of getting prompt and courteous customer service, unless you're personally known to be a lucrative and loyal customer. It’s the reality of that culture.

And the reality in the U.S. is that customers expect and rightfully deserve to be coddled. I think it's a smart move for AT&T to highlight their state-side operations in their campaigns. If I were shopping around for such a service, I would surely take that into consideration.

,,,

For Update, Update to Update

by @ 9:44 pm
Filed under: microsoft

Recently after installing Windows Server 2008 on a new server at work, I noticed this interesting message from Windows Update. I'm not sure, but I think it had something to do with update 🙂

Windows Update

,,

Half Marathon 2008

by @ 10:38 pm
Filed under: health,running-hiking

Ran the ½ marathon today and as expected my performance was dismal. I ran the course in 2:14:58, at the pace of 10:18/mile. Last year I finished the race in 2:02:32 and the year prior to that my time was 1:55:52, and the one before that at 1:54:05. Beginning to see a pattern here. But this was my first race with a herniated disc, so I guess I can cut myself some slack here.

The race started at 8:30 AM in a cold rain. I absolutely hate running the rain, but not much can be done about that. Some people had bundled up to face the cold and wetness, others (myself included) were going to brave it with only a t-shirt. My rationale was that extra layers will get heavy in the rain and besides the running will warm me up anyways.

I hadn't taken any painkillers this morning so I was expecting back discomfort. The discomfort was there, some radiating pain and tingling down my left leg, but eventually it subsided enough that I was barely aware of it.

I had decided early on to pace myself in this race, as in, go slow and steady to avoid any potential aggravation of my back. I pretty much stuck to that the whole way through. While I knew this would hurt my finish time, I had no idea about the positive side effect. In the few years that I have run in this ½ marathon, this race was by far the most pleasant and enjoyable of them all. Ironic, considering my fears of back pain flare-ups. The rain was a nuisance, but unlike past races, I finished the course barely tired and in no pain. In fact I could probably continue for another 5 or 6 miles with ease.

I never downshifted to a walk, nor did I stop at any water stations. It was as if I wasn't even in a race. I was paying more attention to my surroundings (beautiful, scenic nature) than to the race itself.

I feel a bit conflicted over my time in this race. I guess I should be disappointed, but I'm really not, and here's why. As recently as a week ago I didn't even think I could handle the course and here I was crossing the finish line. To top that off, it went smooth and steady and it turned out to be the most enjoyable ½ marathon ever. For the first time ever, I actually began entertaining thoughts about running a full marathon.

,,,,

Herniated Disc and Half Marathon

by @ 10:01 pm
Filed under: health,running-hiking — Tags:

One of my biggest anguishes I've had about getting hit with a herniated disc has been my inability to participate in my town's annual half marathon. But as I recovered from this affliction and started to run again I began to think that perhaps my fears on that front were premature and I could at least try the race this year. So I decided to register for the event next week and give it a shot.

My running performance hasn't been anywhere near before my injury. I jog slowly about 4 or 5 miles depending on my condition every other day and I've learned to be satisfied with that. Running 13.1 miles has been such a distant goal that I knew I was deluding myself about running, let alone finishing, this race.

Then to add insult to injury I got hit with another blow to my back yesterday. I must have over-extended myself lifting heavy bags after grocery shopping. Those with back pain know what I'm talking about. As you begin to straighten up you feel the dreaded pop in your back followed by the pang of sharp pain. It's unmistakable and it's the beginning of yet another bout with extended back pain. After muttering a few expletives under my breath I realized that this was the kiss of death for next week's half marathon. Just my luck! Oh well, perhaps this was a sign that I should accept my condition and avoid strenuous activities.

Yet there's that stubborn part of me that just won't capitulate. So after a painful night, I popped two Advils today and decided to pay a visit to the half marathon course to evaluate my condition. I planned to run the course as far as I could and then quit at the 7th mile or so, if I could get that far.

Right from the start the back pain kicked into high gear and kept hounding me to stop. "No way," I thought to myself and I kept on going with pain piercing my back and pins and needles radiating down my legs. I wasn't about to let the pain force me to quit. As I passed every mile marker already painted on the course, I said "one more mile" and pressed on. As I reached the 7th mile, I had a sudden realization that I've made it this far, might as well finish the darn thing. The temperature was mild but humid, pain was my only companion, and there were no water stations to get hydrated, but finish I did.

When I incredibly passed the finish line, I continued for another fraction of a mile as a sort of a victory lap. Dehydrated, exhausted, and pain-ridden (and not just in my back anymore), I got in my car to drive home, dazed at what I had actually done. I hadn't stopped even once. It was one smooth jog from beginning to end.

I'm not sure if this was a case of mind over matter or just a foolish act to defy my own body and prove a point. Whatever the case, I learned that the human body can sometimes be pushed beyond its perceived limits. The jury is still out on whether I can repeat the performance next week at the race. On top of that I might have aggravated my condition today. But even if I can't, I know I ran the half marathon even before the starter pistol's trigger will have been pulled.

*UPDATE: Herniated Disc - 4 Years on - Mar. 2012

Windows XP Service Pack 3 Error

by @ 11:27 pm
Filed under: google,microsoft

Last week I stumbled upon this Gmail Blog post mentioning that IE6 (Internet Explorer version 6) now supports some of the GUI enhancements offered by Gmail. But in order to exploit these enhancements, one had to apply a critical update to IE6 from Microsoft. An interesting point cited by this post was that Google and Microsoft developers had worked together to address the issue. I didn't think these guys even talked to each other, let alone cooperate to release an update for the IE6 browser.

I had always wondered why Gmail appeared less fancy in IE6 than in other browser like IE7 or Firefox, and this post finally resolved that mystery. Now I'm not the type to jump on a patch or a service pack as soon as Microsoft releases them. I still use IE6 on Windows XP at work and at home alongside Firefox 3, and I have no desire to upgrade to Windows Vista or IE7. The prospect of better Gmail experience however was tempting enough for me to pay a visit to the Windows Update site and apply the IE6 patch.

I have automatic updates disabled on my machine and apparently I was missing a lot of them as I was suddenly greeted with a long list of security and critical patches once I got the process rolling. Among the list were two notable items, IE7 and Windows XP Service Pack 3. I promptly opted out of IE7, but decided to give SP3 a green light. Little did I know that I'd be wasting the next 3 hours of my life over this inane service pack.

The process started our smooth enough. a number of patches were applied, followed by the obligatory reboot. Then came the SP3 update from hell. The sluggish process would run almost to the end at which time an error dialog box would pop up with a simple message: "Service Pack 3 setup error. Access is denied." Huh? Access to what is denied? Acknowledging the message would commence a rollback process as sluggish as the installation itself, followed by an automatic reboot.

Not acceding defeat, I ran a Web search on the error and found this KB article from Microsoft Support. Apparently I wasn't the first person having this issue. Following the advice of the article, I exited my antivirus program (AVG) and tried once more, but again I got the same error. Perhaps Windows Defender was the culprit, but stopping that process didn't help either. After a few more tries shutting down various programs like Diskeeper and Symantec's Backup agent, I was still getting nowhere. Finally I fired up Process Explorer and slaughtered every process in sight until only the basic ones remained. And yet, SP3 defiantly refused to be installed. It was the same old snail-pace install-error-rollback-reboot that I was getting well acquainted with.

There comes a time when a person must cut his losses and move on and my time was then. Most likely the trouble was a registry permission issue which is also mentioned in the KB article and a solution is offered. But by then my patience had already run out and by that final reboot I decided that SP2 was good enough for me.

In the end it turns out that SP3 doesn't really offer anything substantial over SP2. A few security fixes and optimizations but nothing so crucial that’s worth this kind of hassle. Happily, the IE6 update had been applied (possibly among the first set of patches) and that wiped away any modicum of temptation I might have had to give SP3 one more shot. The computer is working as before (even after the multiple upgrade onslaught), Gmail enhancements now appear fine on IE6, and my only regret is not stopping after the first SP3 update attempt went awry. Sorry SP3, we just weren't meant to be together.

,,,,,,

DNS Vulnerability

by @ 10:42 pm
Filed under: computers,hacking

While programming is my main focus at my company, one of my side jobs at work is networking. I have no complaints as I'm curious and interested in the inner workings of computer networks. Our IT department handles most of the networking tasks, but I usually find myself getting involved in setting up connectivity in the company. Whether it's a firewall, a router, a reverse proxy, or a DNS server, I find the networking field too fascinating to ignore.

That's why when the latest DNS vulnerability, discovered by Dan Kaminsky, came to light in April 2008, I began investigating our DNS servers to determine the risk factors. Dan's site contains a simple tool to assess the risk and it identified all of our caching DNS servers as vulnerable. A patch from Microsoft took care of our Windows-based DNS servers, but there was also a Fedora server in the mix running an old version of BIND that needed attention. Patching that server would have required upgrading to a newer version of Fedora.

I knew I could buy some time using the safety-in-numbers logic, but today I finally decided to tackle that server and plug the hole. My intention was to install the newest version of Fedora (version 9) on a new hardware and then add a patched version of BIND on top. BIND is a great name server product but it has a large footprint that seems like an overkill as a caching server. There are several other free DNS products out there so I began to look for an alternative.

My search eventually led me to PowerDNS (PDNS) and I decided to give that product a try. After installing Fedora 9 on the server, I downloaded the latest RPM of PNDS and promptly installed it on the server. PDNS comes in two flavors. The authoritative version and the caching version, known as Recursor which is the one I was interested in. The install was a breeze and the configuration was as easy as importing some of the data from the old BIND server and making some quick edits to the recursor.conf file. A server restart to make sure everything is in order, and I had the new caching server up and running, resolving names.

PDNS has been free of the DNS cache poisoning vulnerability for a few years now, and Dan's site confirmed that the new server was indeed running at much safer levels.

There is little doubt that the bad guys are hard at work to poison as many DNS servers as they can get their hands on. If your unpatched servers haven't been targeted yet, it's only a matter of time before they are. Whatever method or product you use to avert this risk, the sooner you do it, the better. As a quick alternative, you can use one of several free and already safe services like the one offered by OpenDNS.com as direct name servers or as forwarders on your caching servers.

,,,,,,,,

Online Car Registration Renewal, Finally

by @ 10:00 pm
Filed under: social,web

It's taken a long time. Perhaps a decade late for the Connecticut Department of Motor Vehicles to carry out some transactions online, but better late than never. While most of the private industry has shifted their operations online, the government is painfully behind on that front. The reasons range from the government being generally slow, to having under-paid technology workers and to shunning change. But change is inevitable and the DMV has finally taken some steps to that end.

When I received my registration renewal papers in the mail a couple of weeks ago as I have for years, I started to reach for my dusty checkbook to write a check and mail it in. that's when I noticed a new section on the paperwork detailing their online renewal service. I thought this was one of those payment processing sites that handle credit card payments on behalf of the government offices and charge an extra fee. But no, this was the real deal. An actual DMV site that handled renewals and accepted credit cards with no extra fees.

It took a mere couple of minutes to take care of the business on the site and I had an email confirmation soon after. The renewal document and sticker followed about a week later. It took them quite a long time to get on with the technology but I'm happy that they finally made it. I just hope that enough people make use of it and there are no major glitches to force them back to the old way. Online payment sure beats writing checks and licking stamps.

,,

Herniated Disc, Six Months Later

by @ 10:59 pm
Filed under: health,running-hiking — Tags:

It's been nearly 6 months since I was diagnosed with a herniated disc. During that time I have had to make some lifestyle changes, but looking back, the adjustments haven't been as drastic as I might have feared initially. Or perhaps I am now just used to dealing with the condition.

When I was in the throes of the torturous pain, all I could think of was that my life as I knew it had ended. There would no longer be any running, no motorcycle rides, no hiking and no getting in and out of the car without the excruciating pain. Fast forward 6 months and those dramatic changes I was afraid of didn't quite materialize. There has been some changes to be sure. No lifting of heavy objects, no fast running, and occasional pain in the lower back and down the leg to contend with. But with daily exercises, sleeping on a hard surface, and avoiding long periods of sitting, I have been able to reclaim some of the freedom I used to enjoy.

Thankfully, so far I have been able to avoid steroids shots or more drastic measures like surgery. I have done quite a bit of research during this time and realize that many people aren't as fortunate as I have been, but at the same time many others live normal lives with their herniated discs.

As far as I can tell and as explained by my doctor, the herniated mass has probably shrunk with time, relieving the pressure on the spinal cord and affording me more freedom of movement. That is not to say that I am completely pain-free. There are occasional bouts with pain and discomfort which I manage with patience and a few doses of pain killers. But generally, I have resumed a relatively normal life. The prospect of another attack is on my mind every day, but I try not to let it rule over my life.

My approach to my condition has been not to succumb to a state of hopelessness. It's difficult not to, but after accepting the situation, I decided that the best way to manage it was to continue with my activities the best I could. Ditching the bed for a thin pad on the floor has helped. So have daily back exercises and conditioning. As much as I wanted to continue with my running routine, I initially down-shifted to walking. Even that was painful at first, but as time passed I was able to slowly incorporate some jogging in my daily walks until I was ready to completely switch over to jogging. On good days, I would increase the distance to 4 or 5 miles. Currently I'm on alternate days of jogging and walking and that has been relatively steady. I have also learned not push it too far. When there's pain during a jog, I heed my body and slow down to a walk. There's no reason to be stubborn and risk paying a big penalty later on.

The point is that if you are an active person who has suddenly been struck with a herniated disc don't lose hope and wallow in grief too long. It doesn't have to be all or nothing. There's always a middle ground. Accept what has happened and then make the right adjustments to battle your way back. You may never be the same as before, but concentrate on what you can salvage rather than fussing over what has been lost.

*UPDATE: Herniated Disc - 4 Years on - Mar. 2012

« Newer PostsOlder Posts »

Powered by


Read Financial Markets  |   Home  |   Blog  |   Web Tools  |   News  |   Articles  |   FAQ  |   About  |   Privacy  |   Contact
Donate Bitcoin: 1GfrF49zFWfn7qHtgFxgLMihgdnVzhE361
paypal.me/rhashemian
© 2001-2021 Robert Hashemian   Powered by Hashemian.com