fail2ban has a php-url-fopen rule.

WordPress has a Global Translator plugin, which – among others – uses Google Translate service.

If someone uses Google Translate (e.g. using Global Translate’s mini-language-flags), and goes back to your blog – that someone might get banned by fail2ban (especially if you have set maxretry to 1), as the referrer will contain the php-URL-fopen attack signature. The bad thing is that you will not realize that until after you check one or several translations yourself, as a random site visitor experiencing the problem is highly unlikely to bother reporting this problem – especially when your blog’s Contact page is also inaccessible.

Clearly, Google Translate is not the only legitimate service which will trigger that rule.

Solution: The only solution I have found is to specify the whitelist regex for the php-URL-fopen rule.

A nice report on the cost of bruteforcing variable-length and variable-complexity passwords using cloud computing services (e.g. Amazon’s EC). There’s a kind of a tutorial in their previous post.

Slow DoS attack with just 1 computer against a number of web servers, including Apache: slowloris. There is a solution for Apache, packaged for RedHat and also available for Debian.

Finally, there’s Go programming language. The most inspiring promise to me personally is the ease of execution parallelization with language’s built-in syntactic constructs. That is something highly desired. Also, I like that it is a compiled language. However, it might be 10%-20% slower than pure C. Let’s see how it grows.

PwdHash uses your “single password” to create a site-unique password (by making a one-way hash of your password and the site’s domain).

Although I’m not using “single password for all sites”, PwdHash does look very convenient.

Today Google celebrates the invention of the barcode.

To help in this celebration, you can make a barcode with your site’s address (there is at least one more at barcodesinc, but at the moment of writing it is painfully slow).

I find these parameters nearly optimal:

• Type: Code 128-B
• Styles: Draw value text
• Size: 234×60 (half-banner size)
• Xres: 1
• Text font: 5
• Value: bogdan.org.ua

If you wish, you can also exactly replicate today’s Google logo – which says “Google”, as you could have guessed.

You can place this barcode on your “souvenirs” – pens, cups, t-shirts. Many phones now have barcode scanners (e.g. Nokia E71), so put this code onto your namecard.

Read on to learn about matrix barcodes.
Read the rest of this entry »

This will be the 2nd DrupalCamp in Kyiv. Please click the logo to visit the official web-site to learn more.

Stumbled upon SciVee.TV – an open video upload service for research-related videos.

I believe it is highly useful. Compare: watching an 8-10 minute video of someone’s research to reading their article on that same subject. For me, those 8-10 minutes make video option a clear winner.

One of the envisioned uses of SciVee is to upload videos describing peer-reviewed published articles. This has two benefits for the reader: quickly getting acquainted with the essence of the article, and having that article as a complete reference for any questions not discussed in the video. For the author, this gives an additional bonus of higher visibility of his research.

Personally, I’ve immediately found 3 videos pertinent to my topic. Of those, one was accompayning an article in PloS Biology, one was an hour-long lecture, and one was a poor quality audio recording of someone’s intended research.

SciVee is young, and that is currently the largest drawback: not much could be found in a narrow research field. But I’m sure it will grow.

If you ever need to glimpse at the properties of the Poisson distribution with lambda=0.16, or find the factorial of 6163338 (as a gamma function), then Wolfram|Alpha is a perfect tool for you (unless you have some math package at hand).

The motto of Wolfram|Alpha is Making the world’s knowledge computable. Basically, it is like Mathematica plus a growing corpus of factual numeric data, plus a system to interpret user’s input. This is a nice online reference and computation platform.