Locking more of the web down behind TLS and SSL

This is another case of yak shaving that all started with trying to implement imapproxy to proxy internal IMAP connections between Dovecot and SquirrelMail on my public servers.

Implementing imapproxy was a simple drop-in. All that was required was some server-side configuration to get Dovecot to listen to the server port that imapproxy uses, and then get imapproxy to listen on the public (external) port for clients to connect to.

In my /etc/dovecot/dovecot.conf, I set up the following:

protocols = imap imaps
protocol imap {
        listen = 127.0.0.1:14300
        ssl_listen = *:993
}
...
ssl_cert_file = /etc/ssl/certs/dovecot-ssl.crt
ssl_key_file = /etc/ssl/private/dovecot-ssl.key

In /etc/imapproxy.conf, I configured it as follows:

server_hostname 127.0.0.1
listen_port 143
listen_address 127.0.0.1
server_port 14300
...
tls_cert_file /etc/ssl/certs/dovecot-ssl.crt
tls_key_file /etc/ssl/private/dovecot-ssl.key

After restarting both, IMAP connections are proxied and kept open for the duration of the session. Interacting with IMAP over that connection is visibly faster now.

For SquirrelMail, I had to make a matching tweak so that it connects to port 14300 on host 127.0.0.1. Under SquirrelMail’s config (Option 2 → A → 5 under the configure script), I changed the port to 14300. That gets SquirrelMail talking to imapproxy, speeding up webmail by several orders of magnitude.

But it was still in the clear. Unfortunately, there’s no easy way to just plug SquirrelMail into IMAP over SSL… so I had to use stunnel to do that:

/usr/bin/stunnel -P/var/run/ -c -d 1430 -r 127.0.0.1:993

Now I went back into SquirrelMail’s config and changed the port to 1430 from 14300. Now SquirrelMail is talking to the local imapproxy → Dovecot over SSL instead of plain text.
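As an added example (not part of the original post), here is a small Python script that parses the Dovecot, imapproxy and stunnel settings shown above and checks that the hops line up: imapproxy must point at Dovecot’s cleartext port, every cleartext leg must stay on loopback, and stunnel must wrap Dovecot’s imaps port. The three config samples are constructed copies of what the post shows, not the author’s actual files. Run as written it produces one finding: `-d 1430` gives stunnel no bind address, so the cleartext side that SquirrelMail talks to is not explicitly pinned to 127.0.0.1.

```python
"""Consistency check for the imapproxy / stunnel / Dovecot chain.

Added example: the three config samples below are constructed to mirror the
post and are not the author's actual files."""
import re
import shlex
from ipaddress import ip_address

# Constructed sample of /etc/dovecot/dovecot.conf (values from the post)
DOVECOT_CONF = """\
protocols = imap imaps
protocol imap {
    listen = 127.0.0.1:14300
    ssl_listen = *:993
}
ssl_cert_file = /etc/ssl/certs/dovecot-ssl.crt
ssl_key_file = /etc/ssl/private/dovecot-ssl.key
"""

# Constructed sample of /etc/imapproxy.conf
IMAPPROXY_CONF = """\
server_hostname 127.0.0.1
listen_port 143
listen_address 127.0.0.1
server_port 14300
tls_cert_file /etc/ssl/certs/dovecot-ssl.crt
tls_key_file /etc/ssl/private/dovecot-ssl.key
"""

# The stunnel command line used for SquirrelMail
STUNNEL_CMD = "/usr/bin/stunnel -P/var/run/ -c -d 1430 -r 127.0.0.1:993"


def parse_dovecot(text):
    """Parse 'key = value' lines; settings inside a 'protocol imap { }' block
    are stored under conf['_blocks'][(kind, name)]."""
    conf = {"_blocks": {}}
    block = None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        opener = re.match(r"^(\w+)\s+(\S+)\s*\{$", line)
        if opener:
            block = (opener.group(1), opener.group(2))
            conf["_blocks"].setdefault(block, {})
        elif line == "}":
            block = None
        elif "=" in line:
            key, _, value = line.partition("=")
            target = conf["_blocks"][block] if block else conf
            target[key.strip()] = value.strip()
    return conf


def parse_imapproxy(text):
    """imapproxy.conf is one 'key value' pair per line."""
    conf = {}
    for raw in text.splitlines():
        parts = raw.split("#", 1)[0].split(None, 1)
        if parts:
            conf[parts[0]] = parts[1].strip() if len(parts) > 1 else ""
    return conf


def parse_stunnel(cmd):
    """Pull the -d (accept) and -r (remote) endpoints out of the command line."""
    args = shlex.split(cmd)
    return {flag: args[i + 1] for i, flag in enumerate(args)
            if flag in ("-d", "-r") and i + 1 < len(args)}


def split_endpoint(endpoint):
    """'host:port' -> (host, port); a bare 'port' yields host ''."""
    host, _, port = endpoint.rpartition(":")
    return host, (int(port) if port.isdigit() else None)


def is_loopback(host):
    if host in ("", "*"):
        return False
    try:
        return ip_address(host).is_loopback
    except ValueError:
        return host == "localhost"


def check_chain(dovecot, proxy, stunnel):
    """Return findings; an empty list means the hops line up and no cleartext
    listener is exposed beyond loopback."""
    findings = []
    imap = dovecot["_blocks"].get(("protocol", "imap"), {})
    plain = split_endpoint(imap.get("listen", "*:143"))
    ssl_port = split_endpoint(imap.get("ssl_listen", "*:993"))[1]
    # Dovecot's cleartext port exists only for the proxy on this host
    if not is_loopback(plain[0]):
        findings.append(f"Dovecot cleartext IMAP on {plain[0]}:{plain[1]} is not loopback")
    # imapproxy must talk to exactly that port, and its own cleartext side stays local
    upstream = (proxy.get("server_hostname", ""), int(proxy.get("server_port", "143")))
    if upstream != plain:
        findings.append(f"imapproxy upstream {upstream} != Dovecot listen {plain}")
    if not is_loopback(proxy.get("listen_address", "*")):
        findings.append("imapproxy cleartext listener is not loopback")
    # external clients and stunnel both need imaps with a cert/key
    if "imaps" not in dovecot.get("protocols", "").split():
        findings.append("Dovecot protocols does not include imaps")
    findings += [f"Dovecot is missing {k}" for k in ("ssl_cert_file", "ssl_key_file") if k not in dovecot]
    # stunnel must wrap Dovecot's TLS port and accept only on loopback
    if split_endpoint(stunnel.get("-r", ""))[1] != ssl_port:
        findings.append(f"stunnel -r does not target Dovecot imaps port {ssl_port}")
    accept_host, accept_port = split_endpoint(stunnel.get("-d", ""))
    if not is_loopback(accept_host):
        findings.append(f"stunnel -d {stunnel.get('-d')} has no loopback bind; use 127.0.0.1:{accept_port}")
    return findings


if __name__ == "__main__":
    result = check_chain(parse_dovecot(DOVECOT_CONF), parse_imapproxy(IMAPPROXY_CONF),
                         parse_stunnel(STUNNEL_CMD))
    print("\n".join(result) or "chain consistent")
```

The parsers are deliberately minimal (enough for the directives the post uses); the point is the set of invariants in `check_chain`, which is what to re-run whenever one of the three pieces is reconfigured.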

But now my Dovecot certs needed to be regenerated because they were close to expiring, and with the recent Debian PRNG problem, it was better to just re-gen all certs and keys anyway.

To do that, I had to do the following:

$ openssl genrsa -out dovecot-ssl.key 4096

$ openssl req -new -key dovecot-ssl.key -out dovecot-ssl.csr

I pasted the contents of that final CSR (dovecot-ssl.csr above) into the form at CACert and had them generate a new server certificate for my mail host: mail.gnu-designs.com, where my Dovecot instance resides. With that, I put those keys in their proper location and configured /etc/dovecot/dovecot.conf accordingly:

ssl_cert_file = /etc/ssl/certs/dovecot-ssl.crt
ssl_key_file = /etc/ssl/private/dovecot-ssl.key

Restarted Dovecot and now I’m properly secured with stronger, less vulnerable keys and certs.

But what about locking down SquirrelMail behind SSL as well?

To do that, I had to update my DNS to point mail.gnu-designs.com to a separate physical IP on the same machine. With Apache, you can’t have more than one SSL VirtualHost behind the same physical IP. Each new SSL host you want to deploy has to be on its own physical IP address.

So I had to change my DNS to point mail.gnu-designs.com from its present IP to a new IP on the same host. Now comes the tricky part… configuring Apache.

Since I run Debian, the Apache configuration is a bit… non-standard. In /etc/apache2/ports.conf, I had to change the Listen directive to listen on port 443 of that new IP.

Listen 72.36.135.43:443
Listen 72.36.135.43:80

And a VirtualHost stanza for that new SSL vhost had to be created.

Now my regular non-SSL stanza can be changed to look like this:

<VirtualHost *:80>
        ServerName mail.gnu-designs.com
        Redirect permanent / https://mail.gnu-designs.com/
</VirtualHost>

This will redirect non-SSL clients to the SSL version of the site, so their session is secured behind SSL on port 443. One last poke to make it possible to use the SSL VirtualHosts without having to import the upstream Root CA Certificate:

SSLCACertificateFile ssl.certificates/cacert-root.crt

From the Apache 2.x documentation:

This directive sets the all-in-one file where you can assemble the Certificates of Certification Authorities (CA) whose clients you deal with. These are used for Client Authentication. Such a file is simply the concatenation of the various PEM-encoded Certificate files, in order of preference.

I duplicated the same process for my other SSL vhost, spam.gnu-designs.com, for the DSPAM web interface.

If you’re not using dspam to reduce your spam by 99.9%, you should be. It runs circles around every OSS and commercial product I’ve tried, and I’ve been running it for years (see my previous posts on dspam for more background and hard data).

Conclusion:

I did a few things here:

  1. Set up an IMAP proxy in front of Dovecot, my IMAP server, which dramatically increased the responsiveness of the IMAP server
  2. Configured that proxy to speak SSL (imaps on port 993) as well as plain imap (port 143)
  3. Configured SquirrelMail to talk to the IMAP proxy over SSL only, using stunnel
  4. Locked down two of my public-facing Apache vhosts with SSL (webmail and dspam)
  5. Regenerated all SSL certificates and keys with stronger encryption using CACert
  6. Imported the CACert root certificate and made it global within all of my Apache SSL vhosts

Now everything is a bit more secure than it was before… for now.

Last note: As I was writing this post, I realized that WordPress was eating some characters in my
<code> … </code> blocks. I looked around for a plugin to try to alleviate that, and found several, none of which worked properly.

I tried Code Auto-Escape which at first glance looked promising, but all it did was encode my code blocks into a single-line base64 string, and output that. Blech.

Then I tried one called Code Markup which had a very detailed explanation and several ways to use it. It too failed miserably on the most basic of code blocks (the Apache stanzas above).

It referenced several other markup and syntax highlighting plugins (geshi, highlighting with Enscript, etc.), none of these worked as advertised either.

What I finally found that DID work was a Java-based tool called Code Format Helper for WordPress. Basically you paste your code block into the small Java applet, and it converts all of the entities to encoded entities. You then paste that into your WordPress post and submit that. You can see in the above post that it works perfectly.

Voila!

Putting an END to WordPress Trackback, Comment and Registration Spam

I run quite a few WordPress blog sites for myself (you’re reading it), my company and for users who wish to have their own blog on the web.

I keep all of these up-to-date with all of the latest versions of WordPress, the latest plugins and any security fixes or updates. Here are a few examples of blog sites I’ve created with WordPress, using some automated tools I’ve written (in Perl of course):

Diabetes Information Resources
Articles, news, reviews and information for the diabetic or caregivers

Acne Treatment Resources and Living With Acne
Acne treatment, support and skin research for teens and adults

Cancer Treatment Information and Resources
A place for cancer patients and caregivers to go for support

(the latter one needs a better theme, I’ll work on that later)

I have already implemented reCAPTCHA for WordPress, Akismet and Bad Behavior. All three of them work very well together without any issues that I’ve seen.

Akismet takes a collaborative approach to combating spam-like comments in your blog. Any comments which have a high likelihood of being spam are flagged by Akismet and set aside in the quarantine. You can then go back in there and approve/purge those comments as you see fit. According to this blog’s statistics, Akismet has protected my blog from 17,124 spam comments already.

reCAPTCHA helps prevent automated abuse of your site (such as comment spam or bogus registrations) by using a CAPTCHA to ensure that only humans perform certain actions.

reCAPTCHA is very interesting because it actually benefits the community as a whole. When you enter the words presented, you’re actually helping to digitize printed books, by translating words that were OCRd using software to scan actual printed pages, into digital text, to make meaningful sense out of the scanned items.

OCR isn’t a perfect technology and sometimes it makes mistakes. A blurry ‘e’ might be mistaken for a lowercase ‘s’ for example. Human eyes can discern the difference, and this is what reCAPTCHA does. If you want to learn more, you can read more detail about reCAPTCHA on their website.

But this isn’t enough. Spammers are getting smarter and the volume of spammers is increasing at exponential rates.

The nature of Open Source actually hurts us here, because the same tools we use to prevent and block spam, can be downloaded by the spammers, analyzed and their scripts can be modified to circumvent any of the blocking we attempt. These spammers can download the source for Akismet or reCAPTCHA or WordPress and find holes in it to exploit. And that is exactly what they’re doing.

But that only stops people who are using comment forms and are trying to post comments. What about trackback and registration spam?

First, what are these? How are spammers using these to abuse your system or blog?

Trackback Spam (TrackBack plugins at WordPress)

Trackback spam is a technique where individuals or companies abuse the TrackBack feature of a blog to insert spam links on some blogs. Allowing trackbacks allows spammers to actually add content to your pages (in the form of comments).

If you allow trackbacks on your blog, these links will appear on your blog, and direct spiders and other traffic FROM your popular blog site TO their spam or phishing site. Trackbacks do have a positive use, so you can enable them… if you take precautions to protect them accordingly.

One way to do this with WordPress is to rename wp-trackback.php to something else that these spammers’ automated scripts will not be able to “guess”.

You’ll also have to change the reference to wp-trackback.php in the following two files:

wp-includes/template-loader.php
wp-includes/comment-template.php

Most of the automated trackback spam tools will just hit several thousand websites at a time by attempting to send a POST request to wp-trackback.php directly. If you rename it, they won’t find that file on your server, and will get a 404 error. If someone uses the proper comment form on your website, they’ll get the right version of your renamed file.

The other option is to just disable trackbacks altogether. You can find this under Settings → Discussion. Simply uncheck “Allow link notifications from other blogs (pingbacks and trackbacks.)” This can also be accomplished within each post by unchecking the “Allow pings” checkbox when you compose or edit your posts.

Another option is to use a plugin to try to thwart or validate trackbacks. I use one called Simple Trackback Validation. It was a simple drop-in plugin, and appears to work very well.

When a trackback is received on your blog, Simple Trackback Validation will:

  1. Check to see if the IP of the trackback sender is the same as the IP address of the source the trackback URL is referring to.

    This reveals almost every spam trackback (more than 99%), since spammers use automated bots which are not running on the machine the trackback URL points to.

  2. Retrieve the web page at the URL included in the trackback. If the web page doesn’t contain a link to your blog, the trackback is considered to be spam. Since most trackback spammers do not set up custom web pages linking to the blogs they attack, this simple test will quickly reveal illegitimate trackbacks.

    This also stops bloggers who abuse trackback by sending trackbacks from their blog software or web services without actually linking to the post.

The combination of these three techniques will stop almost every fake, false or fraudulent trackback your blog may receive.
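As an added example (my own code, not the Simple Trackback Validation plugin’s), here is the pair of checks above expressed in Python: first, the sending IP must be one of the addresses the trackback URL’s host resolves to; second, the page at that URL must actually carry a link to the blog. The resolver and fetcher are injected so the logic runs offline; the hostnames, IP addresses and page bodies below are constructed fixtures.

```python
"""Trackback validation modelled on the two checks described above.

Added example, not the plugin's code: resolve() and fetch() are injected so
the logic can be exercised offline against constructed data."""
from html.parser import HTMLParser
from urllib.parse import urlparse


class LinkCollector(HTMLParser):
    """Collect the href values of every <a> tag on a page."""

    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs.extend(v for k, v in attrs if k == "href" and v)


def page_links_to(html, blog_url):
    """True if any <a href> on the page points at the blog's host.
    Matching on host rather than substring avoids being fooled by the
    blog URL appearing only in visible text or a comment."""
    want = (urlparse(blog_url).hostname or "").lower()
    collector = LinkCollector()
    collector.feed(html)
    return any((urlparse(h).hostname or "").lower() == want for h in collector.hrefs)


def validate_trackback(sender_ip, source_url, blog_url, resolve, fetch):
    """Return (accepted, reason).
    Check 1: the sending IP must be an address of the host in the trackback URL.
    Check 2: the page at that URL must link back to the blog."""
    host = urlparse(source_url).hostname
    if not host:
        return False, "trackback URL has no host"
    addrs = resolve(host)
    if sender_ip not in addrs:
        return False, f"sender {sender_ip} is not an address of {host}"
    try:
        body = fetch(source_url)
    except Exception as exc:  # an unreachable or erroring page is treated as spam
        return False, f"could not fetch {source_url}: {exc}"
    if not page_links_to(body, blog_url):
        return False, f"{source_url} does not link to {blog_url}"
    return True, "ok"


# Constructed fixtures: a fake resolver and a fake web. The addresses are
# documentation ranges and the hostnames are invented.
DNS = {"blog.example.net": ["198.51.100.7"], "spamhost.example": ["203.0.113.9"]}
WEB = {
    "http://blog.example.net/reply":
        '<p>Great post: <a href="http://www.example.org/2008/ssl/">here</a></p>',
    "http://spamhost.example/pills":
        '<a href="http://spamhost.example/buy">buy</a>',
}
BLOG_URL = "http://www.example.org/2008/ssl/"


def fake_resolve(host):
    return DNS.get(host, [])


def fake_fetch(url):
    if url not in WEB:
        raise OSError("404")
    return WEB[url]


if __name__ == "__main__":
    cases = [("198.51.100.7", "http://blog.example.net/reply"),   # genuine
             ("203.0.113.9", "http://blog.example.net/reply"),    # bot elsewhere
             ("203.0.113.9", "http://spamhost.example/pills")]    # no link back
    for ip, url in cases:
        print(ip, url, validate_trackback(ip, url, BLOG_URL, fake_resolve, fake_fetch))
```

In a real deployment `resolve` would wrap `socket.getaddrinfo` and `fetch` would do the HTTP GET with a short timeout and a size cap, since the fetch is triggered by untrusted input; the decision logic stays the same.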

Registration Spam (Registration plugins at WordPress)

The last one is the most challenging and, very recently, the most abused: Registration Spam.

Registration spam is relatively new, but it allows someone to “bomb” your blog with thousands of fake usernames and registration requests, which your system will then dutifully attempt to send a confirmation email to at the address specified, which in most cases will be fake, causing your machine to receive a bounce message in return.

Spammers are using GMail and Yahoo addresses to do this right now, so you might see hundreds or thousands of new users attempting to sign up for your blog every week, all of them fake.

I searched around for awhile to try to figure out what tools or plugins I could use to try to stop this. I found something called WP-Ban, but it doesn’t actually seem to work at all.

WP-Ban claims to ban users by IP, IP range, host name and referer URL from visiting your WordPress blog. It will display a custom ban message when the banned IP, IP range, host name or referer URL tries to visit your blog. You can also exclude certain IPs from being banned.

In my experience with it, it does not work at all.

I looked for something that would make adding a “plain text” name to the signup field a mandatory item. This means that instead of jdoe@gmail.com being signed up, they would have to also enter “John Doe” in the Name field of the signup form. I found nothing that did this for me.

But I did stumble on something called ‘CapCC’ in my travels that HAS helped. CapCC is a small captcha plugin that works with either comments, registration or both. Since I already used reCAPTCHA and it was having a positive effect, I decided to use CapCC for just user registrations. Now the incoming users have to enter a small 5-character string before their registration can be processed.

As a result of this, I now allow anonymous people to post comments (moderated, of course). I don’t have to worry about fake users trying to join, abuses of my MTA or other garbage.

Hopefully others will find this useful.

What are you here for in this world? (Part 1)

“Giving back is how you define success in this life.”
-Anonymous

And another:

“The true measure of a man is how you handle victory… and defeat.”

Something to think about.

This is related to a very deep conversation I had recently on the train with a car full of people about life, love, the spirit, the soul and what it means to be “alive”.

At the end of the night one woman who was off in the corner asked me if I was a philosophy professor. I said no, and she said I should be. Maybe I should. I’ve always considered going to school for Philosophy, or Forensics or Law. I have many years left… so maybe I’ll plan for that in the coming years.

Back on-topic though… what is the real point of your life on this orbiting rock around that molten globe we call the Sun? How would you define your life as “complete” in this world?

When can you say to yourself: “I’ve done the best I can do in this world. I’m ready to go now.”?

A good friend of mine is facing the potential loss of her grandmother; a woman who has lived a full life of 106 years in this world; over a century of life. She has seen children, dozens of grandchildren, at least 3 wars, lived through the Depression and many, many other things.

I asked the people gathering in the train car about what they want to do in this world to be remembered by others. One person sitting one table over said he wants to make millions of dollars, so people know who he is and remember him. He wanted to be a millionaire.

I asked him to name the top 3 millionaires. He couldn’t name any. I asked him to name at least 2 billionaires. He didn’t have any. One person at the table behind me spoke up with “BILL GATES!”

I turned around and said “Good, that’s one. Name one more…” He didn’t have a second one (Warren Buffett and Larry Ellison would be my top guesses here).

So I told the first person:

“How are people going to remember you as a millionaire, if you yourself can’t even remember any famous millionaires or billionaires?”

Then he said he would give his money to his family to help them, and they’d remember him that way. Ok, that’s great and I definitely respect that, and that would certainly keep him in their memories for awhile.

But what if he took those millions, gave some to his family and invested the rest for a few years to help solve the drought problem in Africa? Or create a new life for millions of ravaged people in Darfur? Or invested the money to help convert his entire town or city to “green” power solutions? Or do whatever you think will change the world, change enough people, to make you immortal.

(hold on, there is a point to all of this)

The conversation dove down into the deep philosophical topic about using a “Star Trek” transporter for travel instead of trains and airplanes (most said they would definitely use a transporter, until I explained further… clashing directly with their religious and moral beliefs, and almost everyone eventually changed their tune afterwards, saying they would never use a transporter).

We talked about where the “soul” is located, what makes someone “better” than someone else, and many other topics. Lots of people searched deep within themselves on that trip, and certainly learned and shared a lot. It was probably the single deepest conversation I’ve had with such a large group of people at one time.

But the one thought I left everyone with on that commute was that all we are, all we EVER are in this world… is what we leave behind. What we leave behind is not a full bank account, not a parking lot full of sports cars we’ve collected and restored and not a huge group of friends we hung out with in our life.

What we leave behind are our creations, things we build, and memories in people we’ve shared this world with; memories of people we’ve affected in this world. People who will talk about us long after we’re gone.

Are we immortal?

Not physically, no (not yet anyway, but that brings its own population density issues). We CAN live on in the memories of people who carry our life with them. We live on in the lips and conversations of our relatives, our children, our friends and our family.

We give birth to our children, mold them and teach them lessons and skills they will remember throughout their entire lives. They keep us alive. Our children grow into our big shoes and take our genetic material and share that with others, and create children and generations and lessons of their own.

What are YOU here for in this world? Do you know? Do you even think about that?

Are you doing ALL you can do, all you SHOULD do, to make your life in this world worth talking about?

Are you doing what you need to do in this world to be “immortal”?

If you could do anything in this world, what would you do? Are you doing that right now? Why not?

One thing that will stick with me forever, was passed to me from my high-school guidance counselor:

“Do what you like, and like what you do. Nothing else matters.”

Think about everything you do, every SINGLE THING you do and put it in that context.

And smile.

Always keep a smile on your face. If you’re not happy in this world, do whatever you need to do to put that smile back on your face.

What the hell is wrong with the human race?

(I’m typing this as I commute on the morning train)

Moments ago, a commuter on the Amtrak train I take every morning got up to get off the train at his/her stop in New Haven, walked by my table in the cafe car and knocked the open juice bottle that was on my table over, splashing it all over everything; my paperwork, my phone, my laptop, my train ticket, my journal… everything. It splashed up and onto the front of my white dress shirt too, staining it with a nice dark ‘tea’ color.

The bottle was at least a foot inboard of my table, there’s no reason they should have hit it, unless they were swinging their bag around like a gymnast.

This “person” (and I use that term loosely here) stood the bottle up, looked at me while the juice pooled all over my table and soaked into all of my paperwork, and continued to walk off the train. Not a word was said, not even “Oh my, I’m so sorry!”

So I’m here blotting my shirt, soaking up the juice on my table, my laptop, my journal, and trying to dry my paperwork with towels, as the cafe attendant Michael looks on shaking his head in disgust at the person who just walked off the train after causing this.

People boarding the train at the same time saw it, saw the person walk off, and asked me if they even apologized. I said “No, they didn’t.” Obviously SOME people know the right way to behave. Why don’t others?

What the hell is wrong with people?

Are we really that broken as a species, as a race, that we can’t even apologize for doing something so stupid to someone else? Are our social skills really that de-evolved that we don’t even know what it means to treat our fellow man with respect and dignity?

Disgusting.

SEO Keyword Generator and Tool Update v2.0

Speaking of SEO, I’ve been using my SEO Keyword Tool a lot lately for my own personal work and decided to give it an under-the-hood update.

Many people are jumping on the buzzword “SEO” and “Search Engine Optimization” lately and some are fraudulently trying to sell you these services, as if they are some “expert”. Frankly (like everyone overusing XML a few years ago), I find it somewhat funny.

“Optimizing” a website should be part of the process of website creation, before you launch it and make it public. If you want to target your audience, you do ALL that is required to do just that. This means:

  1. Include all of the proper meta tags for your HTML. This doesn’t just mean ‘description’ and ‘keywords’ meta tags, it means ALL of the meta tags which can be used to help describe your document. These should include ‘copyright’, ‘revisit-after’, ‘robots’, ‘Cache-Control’, ‘author’, ‘googlebot’ and others. If you need a full list of these tags, you can find one at HTML Reference.
  2. Validating your HTML and your CSS
  3. Indenting and/or compressing your HTML and CSS (or remove non-visible whitespace). Try using the CSS Compressor at CSS Drive if you want to see how it works.
  4. Optimize your graphics for web (color palette, size, dimensions, proper width/height img tags; pngcrush -brute for png files, jpegs at no higher than 85% quality, etc.)
  5. Organize your content correctly, so it flows in a non-confusing way and is not overly wide. Studies have been done that validate that content that is “too wide” or too narrow, will cause people to stop reading. One called “The Effects of Line Length on Children and Adults – Online Reading Performance” is particularly detailed.
  6. Make sure your colors, fonts and styles are all appropriate for a broad audience. You don’t want to exclude the elderly who might not be able to see 6-point fonts in your graphics, or whites on greys that exclude the colorblind, or missing alt tags and tabbing order that might exclude the blind altogether).
  7. Last but not least, NO HTML TABLES!! If your content would look appropriate when pasted into a spreadsheet, then tables are the right approach. If not, tables are FLAT OUT WRONG.

If you’re not doing this already, you should be. If you ARE already doing these things, pat yourself on the back. You’re now doing SEO without even realizing it.

If you don’t know what the SEO tool I’ve written is for, I’ve talked about it before. What my tool does is take any pasted, uploaded or content at a remote URL, analyzes the words found in that content and reports back the highest-frequency keywords used in the content… excluding all of the obvious words like ‘and’ and ‘the’ and so on.

Those keywords can then be used in your target page’s meta tags to help drive traffic to your page. You can even do a test by submitting the “Before” version of your page through Submit Express and then adding the keywords my tool suggests, and then running your “After” page through Submit Express again, to see how you’re ranking. You should be getting higher than 95% on all scores to be sure you’re setting the right values for your keywords.

Now, what this tool does NOT do (yet) is suggest “better” words to use in your content, to get higher rankings. It doesn’t do what a human should be doing with your content… and that is making it relevant to your target niche, and converting visitors into customers.

That’s YOUR job, not mine (unless you want to hire me to do so, of course).

The tool is faster and now links to another site in the final results page that can suggest alternate keywords in your range, based on the words analyzed from your existing content.

For example, if I point the tool to today’s Slashdot page, I see that the word ‘networks’ comes up in the results. If I click on that word, I now see the following 13 related words:

networks (13 related words found)
net
network
software
systems
tv
networks
communications
technologies
networking
corp
lan
net's
network's

If I were writing content that I wanted to use to target the keyword ‘networks’, I would be sure to include some of those 13 words within my content or articles.

See how this works? It’s all a very-specific science, but it’s not impossible to learn. All in under 200 lines of PHP code.

Go have fun and play with it, and if you find it useful, consider donating or visiting my Amazon Wish List to see what sort of shiny things you think I might like (I promise the rubber ducky isn’t for me, it’s for my daughter)

Amateur spammer trying to sell me SEO services

This one almost looked legitimate, and I actually replied to his email. What made me sure this was spam was that my reply back to him was met with an exact duplicate of his original email, sent back to me.

The original email started out like this:

I was looking at websites under the keyword Groton hosting and came across your site http://resume.gnu-designs.com . I see that you’re ranked 71 on page 8 in google.

I’m not sure if you’re aware of why you’re ranked this low but more importantly how easy it is to start getting higher listings in search engine results.

All you need to do is some simple “link publicity” for your website and you could quickly hit the front page and work your way up to #1-#3.

… over the last 5 years we took the website [REMOVED] from only 50-100 clicks per day from Search Engines up to 49,000! clicks per day! (generating $23M in sales last year!)

How?

Well, by having quality articles written about this website which were then published by many blogs, web 2.0 websites, and many other well respected websites on the internet… amongst slowly adding hundreds and now tens of thousands of highly optimized content pages to his site.

The email then went on to show some (likely falsified) numbers about the growth of the site he referenced above. I looked up the Alexa ranking and could not verify his claims.

His email continued with…

We were paid over six figures for optimizing those two sites alone and the clients are making a huge
ROI from their investment!

Your keyword: Groton hosting

Is NOT competitive and I now have a large team to allow me to serve smaller businesses such as
yours for pennies on the dollar – for a fraction of what those clients paid – you too can enjoy the
fruit’s of Top 10 rankings in google for your target keywords.

I replied back in a very nice way, showing that my RESUME page is not linked to from anywhere external that I know of (well, I just linked to it above in this post) and that the text version of my resume is ranking at PR2. The main HTML index page is a PR3, without any marketing or promotion whatsoever.

I also included some of my higher-ranking websites, which are currently PR5, PR6 and PR7 with over 18k unique visitors per-day on the highest ranked site I host. These are all in the top 5 (not just the top 10) SERPS (Search Result Pages) in Google for VERY broad search terms.

Here are a few examples using some VERY broad keywords:

We’re currently ranking at #2 for html reader on one website.

Slightly narrowed, but still very broad search, and we come in at #1 for palm html reader for the same site.

Here are some more across a bunch of random sites I host:

…and so on. I haven’t done a lick of marketing to promote any of the sites above, and they’re already pulling in a lot of traffic and are getting in the top 10 in Google’s SERPS.

I asked “SEO Charles” to get back to me, if he thought he could get my PR7 sites up to PR8, or double my incoming traffic without falsifying backlinks or using any other malicious means. Instead, he emailed me another copy of the same exact email he sent the first time, spamming me.

So I just dealt with it as follows..

From his mail headers, I abstracted:

Return-Path: <bounces+255129.16977265.204142@icpbounce.com>
Received: from smtp7.icpbounce.com (smtp7.icpbounce.com [216.27.93.119])

Then a little more digging revealed this detail about that IP range from Project Honeypot:

I then sent him an email, letting him know that his entire netblock was being blocked for being an ignorant, amateur “SEO Expert”, as well as a known public spammer.

iptables to the rescue! (broken hostnames here to avoid giving him any PR):

$ host 216.27.93.119
119.93.27.216.in-addr.arpa domain name pointer smtp7.ic pbou nce.com.

$ sudo iptables -A INPUT -s 216.27.93.0/24 -p tcp -m tcp -j DROP

$ host ge tran ked1.com
getr anked1.com has address 74.53.25.226
getrank ed1.com mail is handled by 0 ge tranked1.com.

$ sudo iptables -A INPUT -s 74.53.25.0/24 -p tcp -m tcp -j DROP

Problem solved.

Oh, and if you want “Groton hosting” (or hosting in Groton, CT. or anywhere else in the world for that matter), visit my ACTUAL hosting page, not my resume page.

Windows Security vs. Linux Security Quote of the Day

Linux and FreeBSD aren’t inherently more secure — they’re just operated by people who are inherently more aware of security.

Google Calendar Sync and CompanionLink for Google Calendar

CompanionLink for Google Calendar vs. Google Calendar Sync

I am a customer of a tool called CompanionLink for Google which allows me to sync my Outlook/Palm calendar to Google Calendar, so my friends/family can see where I am at any given time.

The cost for their software was relatively cheap, and it appeared to work well. There are some inherent issues and bugs in the tool, which still aren’t resolved, but it does what it claims to do in a very simple and fairly painless way.

Recently I noticed that Google has released their own free tool called “Google Calendar Sync” to do essentially the same thing.

The Google tool doesn’t support as many platforms and PIMs as CompanionLink, but it is free, and it is written/maintained by the people who interface directly with Gmail, so I figured it should work “better”.

I was wrong.

For some reason, both of these tools seem to “ignore” random events on my calendar, while including other random events around the same days and weeks. There is no obvious pattern to why these events are skipped, or why I can’t get them into my Google Calendar.

I’ve exported all of my calendar items to a local file, removed the categories, deleted my local calendar entirely, re-imported all of the events clean and told both tools to do a “Purge and Reload”, pushing everything from my local calendar into Google Calendar.

Nada.

Both tools fail in almost exactly the same way. This leads me to believe something in the way Gmail is accepting the calendar data is causing it to “ignore” some of my events (a few hundred).

So now I’m back to not using either of them, because they can’t do what I need. I’ll probably talk to CompanionLink and see if they have a fix, or can issue me a refund for my purchase price.

Frustrating, since I don’t yet have one unified place for all of my calendaring to go. Grr!

UPDATE: I have a fix. The fix is to export my entire calendar into CSV format, then log into Google Calendar, delete all of the calendar items, then import the CSV fresh every time.

So much for 2-way synchronization. Sigh.

AT&T charges customers more to pay with cash

Tags:

I thought it was a joke when someone spoke about this in IRC, until I Googled around and found the actual story. Shocking!

Rhonda Payne went to an AT&T Wireless store in Calhoun, Ga., recently to pay her phone bill in cash. She’d been hit by ID theft and was forced to close her checking account, so she was worried she wouldn’t be able to mail a check on time. But when she arrived at the store, she was in for a surprise.

Paying in person, she was told, costs extra — $2 extra.

Payne objected to the “administrative charge” that was added to her bill but got no sympathy. Instead, she said, she was told she should consider herself lucky because the fee was about to go up to $5.

“I was told that it was a courtesy to take cash,” she said. “I said, ‘Are you kidding me?’”

It’s no joke. Beginning earlier this year, AT&T Wireless began to charge customers who pay their bills in their stores.

“It is a way of saving money … it helps us keep our costs lower,” said AT&T spokesman Mark Siegel. “We want our associates to spend their time helping customers as they are thinking about their wireless plans or looking at phones.”

Since when was it a penalty to use REAL cash to pay your bills? What about people who don’t have a bank account (and their number is growing as the economy crumbles)? What about people who can’t pay electronically? What then?

I can’t help but think this is also related to the fairly recent advertisements from VISA Check Card where they make it seem like paying with real cash is embarrassing, annoying, slow, etc.

In fact, as the commercial below shows… all this industry wants to see is cash flowing in, as fast and efficiently as possible, with as few interruptions as possible. If you pay in cash, people groan at you, look at you funny, and make you feel like you’re some sort of outcast.

If you haven’t seen The Zeitgeist Movie yet, please take the time to watch it. You can watch it online, download a copy or purchase the DVD version for yourself or your friends.

It goes through exactly why we’re seeing this shift away from physical money, and how it’s happening at very subtle, almost imperceptible levels in all facets of our society.

I STRONGLY recommend watching it, and passing the knowledge you glean from it on to others who might want to know more.

When all of our cash transactions are digital, when all money is digital and no longer physical, you can be monitored in ways you’ve never even thought of before. Not only that, but your ability to transact business in the world can now be shut off in one keystroke.

BAM!

No more groceries.

No more gas.

No more airline flights.

Nothing.

Accidentally have the same last name as someone else on a list you can’t get yourself removed from? Oops, now your life is literally turned off.

Perhaps Morpheus wasn’t so far off after all… maybe in the eyes of the current government we’re a lot closer to these than we think.

We're all just batteries

Keeping clean and shiny (Microsoft) Windows

Tags:

I have two Windows machines here that I use for those tasks that don’t quite lend themselves to Linux or Windows-in-VMware. I thought they were updated to current with all latest versions, service packs and updates… until I stumbled on a tool called Personal Software Inspector (PSI) by Secunia.

PSI is a tool that will scan all of your programs and applications and tell you which ones are vulnerable, insecure, out of date, end-of-lifed, and many other things.
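PSI’s own scanning logic isn’t published, so here is an added example (my own code, not Secunia’s) of the core check such a scanner performs: take an inventory of installed products and versions, compare each against a minimum-version baseline, and report what is current, outdated, end-of-life or simply not monitored. The inventory and the baseline in the block are constructed placeholders, not real advisory data; the point is the version comparison, which has to be numeric per component rather than a string compare, or “9.0.124” silently sorts above “10.0.12”.

```python
"""Flag installed applications that fall below a minimum version, or whose
product line is end-of-life, in the spirit of what Secunia PSI reports.

Added example, not PSI's code.  INSTALLED and BASELINE are constructed
placeholders, not real advisory data."""
import re
from typing import Dict, List, Optional, Tuple

# Constructed sample inventory: (product, installed version), the kind of
# data you would collect from the Windows "Uninstall" registry keys.
INSTALLED: Dict[str, str] = {
    "Firefox": "2.0.0.14",
    "Adobe Flash Player": "9.0.124",
    "VLC media player": "0.8.6",
    "XnView": "1.93.6",
    "Adobe Reader": "8.1.2",
    "Some In-house Tool": "1.2",
}

# Constructed baseline: minimum acceptable version per product, or None when
# the whole product line is treated as end-of-life.  Placeholder numbers.
BASELINE: Dict[str, Optional[str]] = {
    "Firefox": "3.0",
    "Adobe Flash Player": "10.0.12",
    "VLC media player": "0.9.8",
    "XnView": "1.93.6",
    "Adobe Reader": None,  # hypothetical EOL entry: the line itself is retired
}


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '9.0.124a' into (9, 0, 124) so components compare numerically.

    A naive string compare says '9.0.124' > '10.0.12', which is exactly the
    kind of mistake that hides an outdated plug-in."""
    parts = re.findall(r"\d+", text)
    if not parts:
        raise ValueError(f"no numeric version component in {text!r}")
    return tuple(int(p) for p in parts)


def compare_versions(a: str, b: str) -> int:
    """Return -1, 0 or 1 as a <, ==, > b; missing trailing parts count as 0,
    so '3.0' == '3.0.0'."""
    va, vb = parse_version(a), parse_version(b)
    width = max(len(va), len(vb))
    va += (0,) * (width - len(va))
    vb += (0,) * (width - len(vb))
    return (va > vb) - (va < vb)


def classify(product: str, installed: str,
             baseline: Dict[str, Optional[str]]) -> str:
    """Status of one product against the baseline."""
    if product not in baseline:
        return "unknown"  # nothing to compare against: an unmonitored program
    minimum = baseline[product]
    if minimum is None:
        return "end-of-life"
    return "outdated" if compare_versions(installed, minimum) < 0 else "current"


def scan(installed: Dict[str, str],
         baseline: Dict[str, Optional[str]]) -> List[Tuple[str, str, str]]:
    """Return (product, installed_version, status) rows, worst first."""
    order = {"end-of-life": 0, "outdated": 1, "unknown": 2, "current": 3}
    rows = [(p, v, classify(p, v, baseline)) for p, v in installed.items()]
    return sorted(rows, key=lambda r: (order[r[2]], r[0]))


def score(rows: List[Tuple[str, str, str]]) -> int:
    """Percentage of monitored products that are current, like PSI's summary."""
    monitored = [r for r in rows if r[2] != "unknown"]
    if not monitored:
        return 100
    good = sum(1 for r in monitored if r[2] == "current")
    return round(100 * good / len(monitored))


if __name__ == "__main__":
    results = scan(INSTALLED, BASELINE)
    for product, version, status in results:
        print(f"{status:12} {product:22} {version}")
    print(f"score: {score(results)}%")
```

On a real box the inventory would come from the registry and the baseline from a vendor feed; the comparison and scoring logic stay the same. Products the baseline doesn’t know about are reported as “unknown” rather than “current”, so an unmonitored program never inflates the score.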

I ran it on my Windows laptop which is only about a month old, straight from IBM… and it scored 88%.

Secunia PSI (before)

The interface is very smart, and once it finds the applications which need updating/patching, it lets you download them directly from the PSI dashboard, where you can install them and re-run the scan.

As you can see in the above screenshot, 9 programs that were out of date were found on my system and needed updating. These included things like Firefox, the Adobe Flash plug-in, VLC, XnView and others.

After I updated as many as I could, I re-ran the scanner and it now found the following results:

Secunia PSI (after)

You can see that even the interface changed, because now I have the proper Flash version installed and configured within MSIE to render those graphs on the right-side.

There’s a lot more to it, and I haven’t done it enough justice here, but if you run Windows, give this a try and see if it doesn’t find many things on your system that could be potential security holes on your machine.

The only one I couldn’t seem to update was the Adobe Acrobat application, but I’ll look into that later.
