The Chris Gonyea Project

Google Talk has been released. More thoughts on it later as I get a chance to play around with it more.

If you want to try to IM me on it, add chris.gonyea to your list. Do note that I won’t be online during the day due to work.

High school trades textbooks for laptops - CNN.com

It is amazing to think back to high school and college. You know how much money must have been spent for getting me textbooks (both from taxpayer’s wallets and my own) that I did not enjoy reading or didn’t even have to read?

Out of the $900 per year I spent on textbooks in college, I probably got maybe $100 worth of information out of them. Don’t get me started on the out of date textbooks in elementary school and high school.

It wasn’t from lack of effort. It was from lack of well written information in these books or a teacher’s non-use of the books in the classroom. No wonder in high school my grades weren’t exactly stellar (B average)…the Internet for research purposes back then (1996-2000) wasn’t close to what it is today. No Google, no Wikipedia, nothing remotely close.

All the learning I did in college I tried to do via the computer and Internet, even if a professor assigned us reading work in a book. Oh I would read the book…I would just then go online and figure out what I just read. I think it paid off…a 3.73 GPA in college and a much better understanding of the world.

Mark my words. The sooner every school moves to computers for learning and eliminates textbooks, the better.

A few days ago I received this e-mail from DreamHost (great hosts btw, can’t recommend them enough):

Hello,

I’m very sorry but I had to disable chrisgonyea.com/index.php. It had
been compromised by a hacker and was being used to execute commands on
the server. It looks like it was Wordpress. Please be sure that you are
running the latest version of Wordpress.

I disabled the file by merely renaming index.php to
disabledByDreamhost.php.

My first reaction was “holy shit.” My second reaction after a moment of thought was full of questions, most importantly was anything on my blog deleted/altered (answer turned out to be no from what I can tell).

I had just updated to WordPress 1.5.2 less then 24 hours earlier when it literally just came out, which fixed a big security hole. Using logic, I guessed that whatever DreamHost observed going on with my account happened before the upgrade.

After exchanging e-mails with DreamHost a few times to see if I could pinpoint when they observed this hacker activity, I decided to do the following steps:

1. Reinstall WordPress 1.5.2 from a freshly downloaded copy to ensure it wasn’t compromised and files altered.
2. Change my blog user account password and MySQL database password.
3. Upgrade to Bad Behavior 1.2, although that has more to do with spam then anything
4. Install WordPress Database Backup 1.6 to do backups of my WordPress database
5. Install WP-Cron to schedule daily backups of my WordPress database

This is ontop of already using mod_security for a long time and already tough to break passwords.

The net effect of this: I will now have daily backups of my WordPress database, my WordPress installation is as secure as it can be, and I will have piece of mind.

I plan to map out a backup strategy so I can organize these backups. More on that later.

Thanks DreamHost for informing me of what happened. Because it set off a flury of improvements that I made to my blog’s security situation.

Neil and Ed have done one, so it is my turn. What is on my Windows XP Start Menu:

• Mozilla Firefox - Best & most secure web browser out there
• Mozilla Thunderbird - Best & most secure e-mail client
• Internet Explorer - For testing
• AIM (with Ad Hack) - The AIM client at its best, although the beta client has some serious promise.
• Microsoft Word 2003 - For word processing
• Microsoft Excel 2003 - For spreadsheets
• iTunes - For music and podcasts
• Nero Express - For burning cd’s, nothing matches Nero
• Picasa2 - Best photo program on Windows and its free
• SmartFTP - Great FTP client
• Exact Audio Copy - Best CD ripper out there

I don’t use the quick launch bar.

I had to wait awhile, but I received my NH E-ZPass yesterday. Amazing little box and it took about 20 seconds to install in my car. Kind of funny now, everywhere I drive in Manchester and I can easily spot who has E-ZPass…just look for a white box to the left of the rearview mirror and car registration sticker on the windshield.

Haven’t used it yet, but it could have been very useful last week when I was driving around Southern NH to clients left and right.