Hashemian Blog
Web, Finance, Technology

Yahoo Mail Down Again

by @ 10:09 am
Filed under: business,email,web — Tags:

It is hard to say anything positive about Yahoo since Marissa Mayer took over the helm.

Useful services (e.g. Pipes) have either been eliminated or are just languishing (e.g. Mail).  Today Yahoo Mail is down again. Alibaba's stake hasn't turned out to be the savior it was once deemed.

At this point the stakeholders are surely kicking themselves for not taking Microsoft's buyout offer back in 2008.

The future isn't looking too bright for this once thriving vanguard of the Web. Perhaps it is time for new leadership.

Can Jet Beat Amazon?

by @ 4:18 pm
Filed under: business,web — Tags: ,

jet amazonThe idea behind Jet, a new online marketplace site, is simple. Borrowing from Costco's concept, Jet charges its clients an annual fee and in return ships products to customers with no mark-ups and in many cases with substantial savings over other shops, including Amazon.

Being a Costco fan, I like Jet's model. Add to that a good dash of dislike for Amazon and I may actually try Jet at some point. Seems like Jet is having some success getting its name out.

Jet's founder, Marc Lore, was the man behind diapers.com, a once successful ecommerce company who got crushed under the weight of Amazon and finally what was left of it was assimilated by Amazon. Now Lore is back to take on Amazon again, only this time he's going after the entire retail side of the company. Amazon's CEO, Bezos, can't be too happy about this, but is he worried?

I doubt Bezos is losing much sleep and here's why. Amazon may be known for perfecting the online marketplace and for being uber-competitive but Amazon has become adept at thriving while swimming in failure. Which company can lose money for over 20 years and be handsomely rewarded for it? For the last quarter it reported a measly $90 million in profit and saw its market cap rocket up by $50 billion when stocks opened last Friday.

The point is that competing with Amazon is like competing with a bottom-less pit for the bottom. Amazon crushes its competition by spending nearly infinite amount of money knowing that the stake holders expect nothing but losses every year. When you are rewarded for losing money, it's not difficult to spend all the money in the world, and that's what Amazon does to stifle competition.

Of course Jet realizes this fact and it has dug in, preparing itself and its investors for years of losses as its competition with Amazon heats up. Will it find the same love and admiration from its backers and future shareholders? Doubtful, but I actually hope so. Not just because I dislike Amazon, but also because some day I'd like to start my own thriving business that is successful at losing money forever.

Craigslist eBay Motors Car Scam

by @ 1:09 pm
Filed under: internet,web — Tags:

ebay-craigslist-car-scamI'd been in the market for a used car when a too good price on Craigslist caught my attention. I'd sold a street bike on Craigslist a few years ago and had a good experience so figured to go into this but with raised antennas.

An email later, the seller reveals a sob story about the car belonging to her dead husband and wanting to move on. The car's in a great shape with all paperwork in order. Sounds plausible, so can I see the car? Seller replies the car is in some eBay garage across the country in lot number so and so.

No worries, she just needs my info and eBay will contact me about payment. The money will remain with eBay until I receive the car and I have 10 days to inspect it. If any issues, I can return it at no cost to me.

So I ask for the eBay page where the car is listed. Seller says she took it down because of the fees. But really, eBay will make all arrangements.

Yeah, sure man. Of course at this point the full blown scam was obvious, but should have been obvious at Craigslist. A quick Google search revealed that this unholy Craigslist-eBay alliance bait and switch is in fact very popular and a few people have been victimized, buyers and sellers.

So why this post? Just adding one more page to Google's search results to raise the warning volume slightly more.

Read this and stay vigilant. There's plenty more info on this. Just Google it.

Bait and Switch Google Adwords

by @ 12:37 pm
Filed under: google,hacking,web — Tags: ,

We're all familiar with targeted banners these days. Visit a shoe site and suddenly all banners in various web sites are shoe-related.

It seems the banner scammers/hijackers have figured this out too. Recently I noticed suspicious Adwords banners originating from a site called adnxs.com.

My guess is that the malware authors use Adwords or similar networks or sub-networks to target users with certain keywords, for example shoes. They may upload legitimate ads in the beginning and may even run them for a while to gain the network's trust. But then the switch happens and malware ads such as below are displayed.

malware banner

To a lay user, a banner such as above may look legitimate enough to click which will inevitably lead to a malware download and it's game-over for that user. The banner obviously has the tell tale look of being a scam, with the "importent" update it purports to install.

Hard to say if adnxs.com or similar sub-networks are in on the scam or just look the other way as long as the money keeps coming. Whatever the case, browsers and anti-virus programs seem unable to stop these annoying and harmful banners.

Facebook Like, The Big Fake

by @ 6:25 pm
Filed under: google,web — Tags: ,

facebook fake likeEarlier this year this insightful article delved into the business of click farming where people and businesses (and apparently even the US government) pay shady companies a modest fee for thousands of Facebook likes, or Twitter followers, or YouTube views. Only that these likes and clicks are generated by click farms, either malware robots and zombies, or zombie-like people clicking mindlessly, essentially producing inflated popularity through fraud.

I am not much a social media expert or even user, yet I knew about click farming. I just didn't know how extensive the practice was until recently.

At this point we must assume that the vast majority of likes, views and followers are fake. Certainly not everyone is involved, but faced with such overwhelming and obvious scam, one must conclude that digital popularity is now but fiction and holds no credibility. And it doesn't matter who they are, even governments, legitimate companies and celebrities can not be ruled out.

Online scamming is not new. When link farming became a popular method to attain high ranking in Google results pages, Google fought back by changing the rules because SEO scamming was becoming an existential threat to its business. Once users' trust is lost, it is difficult, if not impossible, to gain it back.

Popular social sites such as Facebook, Twitter, LinkedIn, and YouTube are now faced with the same credibility issue and they are fully aware of the problem and have the means to correct it. But it's business as usual because most users haven't woken up to the reality of click farming, yet.

Just like now when everybody immediately dismisses an email purportedly sent by a Nigerian prince, an increasing number of users are glossing over the stats on social sites. When the majority of these stats are fake, the whole system becomes useless and irrelevant.

Stack Overflow on stackoverflow.com

by @ 5:40 pm
Filed under: web — Tags:

Ok, they're down for maintenance but for a second I thought their site had really blown the stack 🙂

stackoverflow

NBCnews.com's Ugly Redesign

by @ 2:17 pm
Filed under: web — Tags:

For many years MSNBC.com had been the first new site I would visit for news. Then the site became NBCnews.com, with MSNBC.com becoming who knows what. But I knew the day would come that the NBC folks would create a monstrosity and foist it on their readers in the name of uniformly supporting desktops and tablets. But they did is even worse that I could have imagined.

Yes, the dreaded giant tiles were brought in to make the site more appealing? More legible? More something? How about more ugly?

nbcnews ugly

I admit, The old NBCnews.com homepage design wasn't the prettiest but it was functional, organized, and practical. Topics were categorized with links to stories under each topic. The page flowed well.

With the redesign we have a big mess of large graphics smashing into each other with no obvious rhyme or reason, as if someone just emptied a big pile of rubbish on the screen and invited the readers to randomly pick and choose the stories to read. And there's no way to get the classical look back.

No thanks NBC, this homeliness isn't for me and I must assume not for many others either. I miss the old MSNBC.com sometimes, but at least there's no shortage of news sites. CNN, BBC, Daily Mail and others, listen up. Redesign and refresh your sites if you must, but stay away from tiles. You want to offer ugly sites? create a parallel site, and let people choose between ugly or functional.

P.S. I know my own site is ugly, but I'm no designer and at least I admit it.

Wordpress 'page_option' Hack

by @ 1:21 pm
Filed under: hacking,web — Tags:

wordpress-hackWordpress is a great publishing product but its popularity is also its Achilles heel. It's notorious for being a favorite target of hackers and many have been successful in compromising plenty of installations out there, including this one.

Having automated monitoring software is certainly a prudent way to stay on top of things, but in the end vigilance and bit of common sense seems to be a good way of detecting and removing attacks. Thwarting them is of course another story.

Staying with the vigilance theme, for some time I had noticed that this blog was very slow. I just attributed it to the server load or bandwidth issues but like everything else after a prolonged time of sluggish performance I turned my attention to the installation itself.

That's when I discovered the 'page_option' hack. The 'functions.php' file in my theme folder had been appended with a block calling the 'add-action' with the 'wp_head' parameter. The second parameter was from a deserialized array coming from a newly added row in the 'wp_options' table (in MySQL) with the 'option_name' field set to 'page_option'. The whole thing smelled of a hack, you know the mysterious call to decode and slice up some long encoded string. Why do hackers waste so much time with these idiotic obscurity schemes? Just dump the damn payload in. the layman won't see it and the rest can spot it from miles away, totally pointless.

A Google search brought up this reference, and the blogger's experience was very similar to mine and indeed I found the offending '/wp-includes/page.php' file just as he had. He has very good tips and hints on dealing with this hack, so head on over and give it a read.

As for me, I removed the offending block from the 'functions.php' file, delete the '/wp-includes/page.php' file, deleted the 'page_option' row from the 'wp_options' table and removed all unused themes and plugins, in case those were the hacker's conduit.

The page load times are now back to normal and for good measure I updated Wordpress to the latest version, always a wise move as they always plug new security holes.

Stay vigilant…

My EPUB Journey - A Sort of EPUB Primer

by @ 6:00 pm
Filed under: technology,web,writing — Tags: , , ,

With the proliferation of the mobile devices, books have morphed into digital versions and are increasingly viewed in their digital rather then paper formats. To that end there are several popular formats for e- books. PDF, the well-established type from Adobe has been around for many years and still widely used for digital books, but newer formats have begun to supplant PDF as they are more suited to mobile devices. Of those, the most popular is ePub, used by almost all modern e-book readers, except for Amazon Kindle, which uses the KF8 or AZW formats.

With ePub content is optimized and can easily reflow as the user zooms in and out, making for a much smoother reading experience, regardless of the device . In a previous post I mentioned that iUniverse had uploaded my book to Google Books (now part of Google Play) along with its ePub version and how I was able to stop that. In doing so, iUniverse had managed to knock out my own upload from Google Books which I had done long before. I already had the PDF version of my book, so re-uploading that format was a simple task. Generating the ePub version to upload wasn't so simple, specially since I wanted to do that at no cost.

The first order of business was to get an ePub reader on my computer. To that end I followed Google's suggestion of installing Adobe Digital Editions. The product can be used to read eBooks and it has a library feature where one can create a collection of eBooks. Another product, Calibre, does the same and can handle other formats such as PDF and it has other features such as format conversion.

Adobe Digital Editions

Adobe Digital Editions

My first inclination to create the ePub version was to convert the PDF file of the book I already had. One of  the promising methods that I found was an add-on for OpenOffice. After installing OpenOffice and subsequently the add-on, I started the conversion and waited and waited and waited. After a couple of hours the process ended and I had a giant ePub file to contend with. When I tried to view the file in either of the ePub readers it became evident that the conversion result was less then stellar. The text was mangled and jumbled and the ePub was basically useless.

At this point I decided that conversion from PDF is an inexact science and most attempts would  not yield a usable ePub file. Fortunately I still had the original copy of my book as a Word file and figured that would be a much better starting point. What I found incredible was that Word itself has no means of exporting to ePub. Seems unbelievable, but that is the case.

Googling possible options I was back to the freeware product, Calibre. Calibre can be used as a digital library and a reader and it offers some simple conversion tools as well. This article shows how a Word file can be converted to ePub using Calibre. Following the instructions, I was able to tag the book chapters in Word, save the book as html and then make the conversion to ePub in Calibre. Finally I had the ePub version of my book and I confirmed this by loading it in both Calibre and Adobe Digital Editions.

Calibre

Calibre

Time to upload the book to Google Play and be done with this project. Google Play happily accepted the upload and even displayed a progress bar, but in the end it showed no indication that anything was uploaded. I tried multiple times and the result was the same, no indication that I had uploaded anything. What does one do when an app doesn't work, doesn't produce helpful error messages and there's no tech support? Check the help files. Therein was a mention of a product called EPubCheck which one was expected to use against ePub files to validate them before uploading to Google Play.

Seemed like long shot specially since my ePub was working fine with two different viewers, but there was little else I could think of. EPubCheck is written in java and requires JVM to run. Fortunately I already had JVM on my PC so I ran EPubCheck on my ePub file and a flurry of errors and warnings went flying by. How could I have ever been expected to fix all these errors when I didn't even know how to peek inside the ePub file? I ended up downloading a couple of ePub fix and repair utilities but none were able to rid the ePub file of its errors. EPubCheck kept spewing out the same errors over and over.

More online searches led me to a product called Sigil that actually let one open and edit ePub files. Sigil sure delivered. Finally I was able to open the ePub file, locate the errors reported by EPubCheck and fix them. Turns out EPubCheck was just being too picky complaining about some trivial extra fields that Calibre had added based on the original Word file. But apparently Google Play runs EPubCheck against every ePub upload and silently dumps those that don’t pass validation no matter how small the offense.

sigil

Sigil

There was one more revelation here that is noteworthy. While editing the ePub file in Sigil, it occurred to me that the files were in html format. That's when the whole thing started to make sense like an epiphany. The ePub format is actually a collection of html files together with some assets such as image and stylesheet files, zipped and renamed to a .ePub extension. One can open an ePub file by unzipping it and manipulating the files within using the plainest of text editors, like notepad.

One final validation check using EPubCheck and the file was now error-free. I uploaded the file to Google Play, received the indication that the file was received and a few days later, my book was finally available on Google Play in ePub format.

Book on Google Play

Book on Google Play

Add Newline After SSI (Server Side Include)

by @ 4:00 pm
Filed under: web — Tags: , , ,

Recently I noticed that my Chrome browser was having issues displaying some of the web pages on this site. The pages wouldn't load at all or would only load partially.

After some investigating it turned out that those pages were of SSI type, usually having extensions .shtml or .shtm. Such pages could also have other extensions depending on the system configuration.

Figuring out and fixing the problem however took a number of frustrating hours. On this server, Apache has KeepAlive turned on. That means for most browsers the content is sent using chunked transfer encoding and that means the browser and server maintain an open connection for some time as data is passed in. That saves on resources and gives the server more flexibility in data transmission but on the flip side the server needs to calculate and send the content length to the browser for each chunk. Without the correct content length, browsers won't be able to correctly display the page.

After hours of trial and error, I noticed that these pages had an include such as below at their tail end with nothing after that, no newlines, no characters, nothing.

<!--#include virtual="/some_file.inc" -->

The Chrome debugger would show a red failure loading for the page but there was no explanation. cURL however came in handy, displaying this error at the end:

error 18: transfer closed with outstanding read data remaining

That's when the underlying issue revealed itself, sort of. Obviously the server wasn't sending the correct content length or the terminating chunk to the browser causing the failure. The fix came by luck after I added a few characters at the tail end of the file. Turns out that adding a single space or newline character was enough to fix the error.

At this point I have no idea why this flaw exists in the first place and why adding a character at the end of the file fixes the issue. But if you are running into the same problem, try the same solution and see if it helps, and don't underestimate the power of cURL to debug these types of issues.

« Newer PostsOlder Posts »

Powered by


Read Financial Markets  |   Home  |   Blog  |   Web Tools  |   News  |   Articles  |   FAQ  |   About  |   Privacy  |   Contact
Donate Bitcoin: 1GfrF49zFWfn7qHtgFxgLMihgdnVzhE361
paypal.me/rhashemian
© 2001-2021 Robert Hashemian   Powered by Hashemian.com