Soldiers fire on food riot crowds (Somalia)

Tens of thousands riot in Mogadishu in eruption of anger over food prices

Stores impose limits as rice stocks shrink (New Zealand)

Toronto feeling effects of global rice shortage

GLOBAL ECONOMY -Inflation and slowdown plague industrial world

Global Growth Slows, UBS Says (Update1)

Quote from me: “Oh crap”

When I got home, I shut the system down. While the PC was up, there was always a chance that something would write to disk, and overwrite those important files. After some study and research, I found Foremost, a program to do “file carving”. What this program does is search an image of a filesystem and copies out any series of bytes that have the proper start and ending hex strings. you can look through the raw data and copy out anything that looks like a jpeg or a html file, or just about anything else you want to search for. Here’s something of a step-by-step. This is basically what I did, except without the tedious research between many of the steps to make sure I was doing the right thing.

1. Boot the PC using a Linux live CD that does not automatically mount hard drives. I used an old copy of Ubuntu I had lying around, therefore instructions here will be tailored to that distro. By default, Ubuntu will use any swap space it finds, but will not auto-mount any file systems.
2. I had space on my hard drive, so I used a partition program to make a new 8 GB partition.
   If there wasn’t any space, I’d likely have to install another hard drive or something. I used whatever came with Ubuntu, likely Gparted, to format the partition.
3. In Ubuntu, you will need to go to software sources and enable via check box the universe and multiverse options. I believe everything is in the universe repository, but why do this step twice?
4. Drop down into console (command line) and mount your new partition. You could also mount anything where you have enough space, and this could be network drives or flash drives, or anything that works for you. Just don’t mount the partition that contains the files you want to recover. I used $ sudo mkdir /home/hda4 to create the mount point, and then $ sudo mount -t ext3 /dev/hda4 /home/hda4 to mount the partition.
5. Use dd to make an image of the unmounted partition where recovery took place. I used $ dd if=/dev/hda3 of=/home/hda4/image.dd bs=4096 conv=notrunc,noerror
6. Get Foremost. I used $ apt-get install foremost
7. I also had to get some tools for interfacing with Palm PDA. Depending on what you want to carve, you likely won’t need this. For me it was $ sudo apt-get install pilot-link
8. Run Formost on your disk image. I had to write my own formost.conf file. Full details are on the man page. I won’t go into details because it’s not likely that you will be searching for the exact same kinds of files as I was. I was looking for files that ended in jpg.pdb, and I had to create some example files first and then do hexdumps to see what the files start and end with. Fun.

In the end I recovered the photographs, but I ended up not ever needing them. They were from a hit and run accident where the lady that plowed into me ended up stopping long enough to talk to me and call someone else, but then abruptly left when I was on the phone with the police. Luckily, I had pictures of the other vehicle with license plates and after contacting her insurance, and every possible delay, her agent finally cut me a check for the damage.

I’ve really got to work on my incremental hard disk backups.

The only problem I’m really having spamwise nowadays is people who create actual WordPress spam blogs (splogs) and create actual posts actually linking to me. Ye Olde Spam Karma couldn’t tell the difference between a splog and a actual blog. I’m not sure if SK2.3 fixes that.

I might want to see if I could cobble up a plugin for SK2.3 that would let you create a whitelist to give people on your bloglist a boost of karma, and then just set everyone else that pings you to moderation or something. Unfortunatly, my PHP-Fu is lacking.

The other minor issue is that the Spam Karma comes zipped up in a folder called SK2. You know, just like the last version did. I’ve renamed the new folder SK2.3rc4. Hopefully that won’t be an issue.

Watch this space, because If anything goes wacky, I’ll report.

Sailorcurt takes up on the suggestion that we all use the Brady Campaign’s business reply envelope as a mailing label, gluing the thing to something heavy like a brick. The idea being that the Brady Bunch would have to pay more money out of their own funds to receive something useless.

It won’t work, but it’s a nice try though.

It’s really no surprise that a quasi-goverment 23rd level bureaucratic quagmire such as the United States Postal Service has a regulation to exactly cover this situation. The USPS also has regs that cover the placement of rubber bands on bulk mailing bundles of magazines and the fluorescent properties of the stock used to print postcards.

In this case one of my favorite columnists, Cecil Adams, tells me that it’s reg 917.243(b):

According to rule 917.243(b) in the Domestic Mail Manual, when a business reply card is “improperly used as a label”–e.g., when it’s affixed to a brick–the item so labeled may be treated as “waste.” That means the post office can heave it into the trash without further ado.

You could probably stuff it with newsprint, and seal it. That would cost them a few cents. You could enclose a target or two from your last range session, but that might be interpreted as a threat. Another idea from Ask Metafilter is to request a copy of their IRS Form 990. Wikipedia says:

Public Inspection IRC 6104(d) regulations state that an organization must provide copies of its three most recent Form 990s to anyone who requests them, whether in person, by mail, fax, or e-mail. Additionally, requests may be made via the IRS using Form 4506-A, and PDF copies can often be found online on sites such as Foundation Center’s 990 Finder and Guidestar.org.

You know, if you really want to cost a non-profit some coin, you could take an old fax modem, a standard analog phone line, and a computer and fax in your requests for those IRS form 990 from those non-profits. I think there’s some ad supported web-to-fax services out there too. It would probably take an army of clones to make a serious dent in their finances, but I suppose every little bit helps.

Please be aware that POSTNET, the current postal barcode is being phased out for the Intelligent Mail Barcode (to be required in 2009). Intelligent Mail Barcodes encode both the mailing and return address and if it was used on business reply envelopes (I’m not 100% on the regs, so I’m not sure) would probably allow that brick to be traced back to you.

• Pizza hut gave the former driver two months severance pay and was offered help finding a new job by the company

Really. For a pizza delivery job. To me that says “We really don’t want to fire you, but our lawyers are making us”.

• Every single pizza chain delivery store has the same policy. So do most convenience stores and many other retailers.

The reason most retailers have these workplace rules is strictly economics. In this example, Pizza Hut with the deep pockets does not want to be successfully sued by the wounded would-be robber, or in a (theoretical) different case, the dead bad guy’s family. So they have a corporate policy against weapons, and they enforce it when they have to.

I don’t usually like to say “tort reform”, because that’s usually just lawyer-speak for “reform” regarding who get socked with writing a big check, rather than meaningful reform of our legal system. I do think something needs to be changed.

So since the NRA is so much better at shielding the corporate limited liability thingys from frivolous lawsuits solely aimed to drive manufactures out of business - such as the Protection of Lawful Commerce in Arms Act, something I wholeheartedly agree with - than actually, you know, restoring rights to individual citizens, perhaps we could push for some reform this way.

Something like if limited liability companies do not have policies that limit individuals from lawfully carrying firearms for the defense of their own life, then they are automatically shielded from any lawsuits arising from the personal defensive use of those firearms by their employees.

Oh, and while I think Pizza Hut pizza by and large is subpar and too greasy, I think their “hand-tossed” style is pretty good in a corporate consistent mediocre way. The main problem with all the chains and most of the independent shops is that they use the cheapest mozzarella available, and that cheese simply doesn’t taste at good as the good stuff.

In addition to the security fix, 2.5.1 contains many bug fixes. If you are interested only in the security fixes, you can download these corrected copies of wp-includes/pluggable.php, wp-admin/includes/media.php, and wp-admin/media.php. Replace your existing copies of these files with these new copies.

I hope your host has one-click install/update at the very least. If you don’t want to do the whole installation again, it seems you can rename your old files with a .bak extension, and copy over the three new files as a quick fix.

Subversion Mischief:

$ svn sw http://svn.automattic.com/wordpress/tags/2.5.1/

Update: there’s a recommended but optional updated wp-config.php in the new package, but it’s called wp-config-sample.php to keep it from overwriting your current file. To use it:

1. Rename your old wp-config.php to something like wp-config.OLD.php .
2. Open that same file in notepad or another simple editor. Word wrap should be off.
3. In another window, open wp-config-sample.php for editing.
4. Copy over the proper DB_NAME, DB-USER, DB_PASSWORD, and if needed, DB_HOST.
5. Scroll down to where it says ‘put your unique phrase here’, and between the quotes, insert a long string of random upper and lower case letters and numbers, or use this page to randomly generate yourself a string
6. Save this file as wp-config.php . You’re done. If you used notepad, please check to see that the damn thing didn’t add a .TXT extension to the end. Go and load your blog and make sure everything is working.

I though I caught the bug, and searched around for more info. This page talks about “hidden link injection,” while this page has a different exploit regarding a new directory. I seem to have neither of these.

What’s really weird about WordPress now (and before the upgrade), is that it seems that my blog is sending - in response to a request for my RSS feed - zip compressed content whether or not it’s requested or even supported by the reader doing the request. I have no idea why this started happening all of a sudden.

At least, thanks to cURL, I know what the heck is going on.

$ curl http://standardmischief.com/blog/feed/|head

About 50% of the time this will feed me garbage. The head command it there to limit the scope of the garbage.

$ curl --compressed http://standardmischief.com/blog/feed/|head

Nearly the same command, but the –compressed option actually requests compression and decodes it if it arrives that way.

Stumped.

Update, 10 minutes later: As I was composing the service request, the issue seemed to have disappeared. I’ll hold off and keep an eye on the problem. My feed has been off all day (I suppose my reader does not accept gzip), but it’s working fine now.

Update 2: Here’s a terminal screenshot: (179k)

Thursday, I attached a customized resume to a cover letter email and sent it off. I also placed my resume in Word and PDF versions on my (real name) website. Shortly thereafter HR emailed me back, confirming that they got it. Thanks for that, HR.

Friday, I received my first good sign, someone had hit my (real name) website. I did a whois on their IP address, and then did the same for their company’s website. The hosting provider names matched. The user agent string on the hit hints at an out-of-date (1.0) version of Firefox on a windowing Linux platform. I’m leaning towards this being a bot, either that, or it’s a savvy speed surfer who has images turned off by default.

Saturday, I got an interesting hit with a referrer string from a site called Pilp.com, which seems to be a search engine targeted to find people. Chatter on the tubez of interwebz suggest that the company is good at scraping social networking sites like MySpace and Xanga. They also seem to have some access to court records and such. Obfuscated access log follows:

0.0.0.0 - - [05/Apr/2008:00:00:00 -0700] “GET / HTTP/1.0″ 200 705 “http://www.pipl.com/search/?FirstName=FIRST&LastName=LAST&City=&State=&Country=US&CategoryID=2&Interface=1″ “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)”

This one pulled the image on my page, so it’s likely a real human. The reverse DNS hints that this is a dialup line, so I’m going to assume that it’s a person, using Internet Explorer, from home, checking out a job candidate that they are at least seriously considering, via a link they found from the search engine at pipl.com.

Hopefully I’ll get a call for an interview on Monday.

A commenter (Anonymous) over at Xav’s place says:

Has this been verified by anyone. The only report I can find anywhere about this is from Patricia A. Stoneking. She seems to be the only source of this happening that I’ve found at this point. With the N.O. incidents there was quite a lot of public outcry and even media coverage.

Anonymous seemed to sum it up well. I’d be really disappointed to find out this was some kind of hoax to advance legislation at the state level. The other guys, the bad ones, pull crap like that. Not us.

I’m going to assume, until better data comes up, that I went off half-cocked. I’m also going to apologize to the NRA for the bashing I gave them in this post. If any additional data turns up, I’ll be sure to post something about it.

The original text of this post is below:

I don’t normally like to post when I just have something to link to. I mean, usually I’d prefer to at least comment, however today I’m speechless. Please read this story about another Katrina-type gun grab posted over at Xavier’s place.

If this story is accurately portrayed, I would hope for an outrage from the RKBA community to be at least as large as the juggernaut that flattened poor Zumbo.

If there’s even a whiff of truth to this story, I’m going to sincerely hope that the NRA begins to air drop lawyers immediately instead of waiting for their surrogate brass balls, the Second Amendment Foundation, to kick them in the groin first.

I don’t know if the two are related, but I have said in the past that if Google ever tries to target ads based on their consumers who are savvy enough to do a little mischief with their cookie, well, I can be pretty sure that those users would block those ads too.

I’d like to propose a workaround. Since Google has decided to block our agreed upon zero cookie, I say we all just agree to use another one. Feel free to use this one (fetched via the always awesome cURL):

Added cookie PREF="ID=bce8f3f9e5dce73e:TM=1206810267:LM=1206810267:S=F9QPv3nrV4NpDJsu" for domain google.com, path /, expire 1269882267

Quickie step by step for Firefox:

1. Download and install Firefox extensions Add N Edit Cookies and CookieCuller.
2. Visit Google to get the cookie.
3. Use Add N Edit Cookies to change your cookie to the ID shown above.
4. Follow the rest of my HowTo on using CookieCuller and the Firefox preferences to protect your altered Google cookie, and any other cookie you deem worthy of keeping around. Remaining cookies will be upchucked when you close Firefox.