UNIX System Monitoring

Matt Critcher recently posted a review of Monit on his blog.  We have been trying it out as a monitoring solution on our servers at Pleth.  I get the impression from Matt’s post that he likes the software pretty well; I know he’s not a big fan of any kind of bloated software.

I checked Monit’s website this morning and was very impressed to see that they also have a free iPhone application that will allow you to track your systems from your phone.  How cool is that?  The software itself is also pretty cool. Monit can start a process, restart a process if it does not respond, and stop a process if it uses too many resources.

Being a developer, one thing that I can see being useful is that Monit also allows you to monitor files, directories and filesystems for changes, such as timestamp changes, checksum changes or size changes. There are several other solutions out there that will also allow you to track remote hosts, but I don’t think they have all of the functionality that Monit has. With Monit you can monitor remote hosts: ping a remote host, check TCP/IP port connections and check server protocols.

I can remember a few years back I installed a similar solution to this on one of our first servers for the purpose of tracking uptime and posting it on our website. It was a nice solution but it had so many security revisions that we eventually decided the risk wasn’t worth it in the long run.  I can’t remember the name of the software we were using but I am sure it’s gone away by now…  Here’s what Matt had to say about Monit on his blog:

When you maintain several servers each running several virtual machines and have anything else at all to do, it is impossible to keep your eyes on them 100% of the time. There are a handful of software packages out there that can do this for you, but most are either too bulky, too complicated, or lack the features that you want.

Scott Pinkston referred me to one the other day called Monit, which is the first one of these programs that I actually liked. Most of the others just have too much. This one is short, and to the point. Monit installs very quickly, and runs in the background as a daemon.

One very simple config file holds the configuration data for the services you want to monitor, and if you so choose, you can have a secure webpage display stats on your services. It can also be configured to email you (or call the beeper, etc…) if certain events occur, and best of all, is super lightweight. It won’t tell you if your version of apache needs updated and it won’t impress you with tons of buttons, whistles, and flash animations. But it will let you know if some process is running away, and it will kill it for you (and restart it if you have it configured).

So far, we have NO complaints. It’s licensed under the GPL, and they also sell a version (which we haven’t tried) that can monitor multiple servers from one central login for around $135.

Here’s a screenshot of Monit that I found on their website, looks pretty straightforward to me…

UNIX System Monitoring | www.mcritch.com
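As an added example (not configuration from Matt’s post, from Pleth, or from the Monit project’s own documentation), here is a monitrc fragment that exercises the features described above and in Matt’s write-up: starting and restarting a process, stopping it when it hogs resources, watching a file, a directory and a filesystem for changes, checking a remote host with ping and a protocol test, sending e-mail alerts, and serving the status page. The service names, paths, the 192.0.2.10 address, the e-mail address and the web interface credentials are all placeholders to be adapted to your own hosts.

```monit
# Added example monitrc fragment; every path, address and credential below is
# a placeholder, not a value taken from the post or from any real server.

set daemon 120                       # poll every 2 minutes
set logfile /var/log/monit.log

# E-mail alerts: relay through the local MTA to a placeholder address.
set mailserver localhost
set alert ops@example.com

# Start a process, restart it if it stops answering, and bounce it if it
# uses too many resources. Too many restarts in a row parks the service
# instead of looping forever.
check process nginx with pidfile /var/run/nginx.pid
  start program = "/etc/init.d/nginx start"
  stop program  = "/etc/init.d/nginx stop"
  if failed port 80 protocol http then restart
  if cpu > 80% for 5 cycles then restart
  if totalmem > 500 MB for 5 cycles then restart
  if 3 restarts within 5 cycles then timeout

# A file that should only change during deliberate administration:
# alert on checksum or timestamp changes.
check file sshd_config with path /etc/ssh/sshd_config
  if changed checksum then alert
  if changed timestamp then alert

# A directory whose contents should be static between deploys.
check directory webroot with path /var/www/html
  if changed timestamp then alert

# Disk space on the root filesystem.
check filesystem rootfs with path /
  if space usage > 90% then alert

# Remote host (placeholder TEST-NET address): ping, then a protocol check.
check host db1 with address 192.0.2.10
  if failed ping then alert
  if failed port 3306 protocol mysql then alert

# Status page: bound to loopback only, with a credential to change.
set httpd port 2812
  use address 127.0.0.1
  allow monitadmin:changeme
```

Run `monit -t` to syntax-check the control file before reloading the daemon. Binding the status page to 127.0.0.1 keeps it off the network unless you deliberately tunnel to it, and the password on the allow line needs replacing before the file goes anywhere near a real server.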

Remembering 9/11 – Let’s Roll

One of the stories from 9/11 that sticks out in my mind the most was the story of Todd Beamer.  He and a few other brave passengers aboard Flight 93 decided they were going to take matters into their own hands and by doing so, went after their hijackers and forced the plane down into a field instead of allowing it to reach its destination, which was likely going to be the White House.  The story goes on to say that shortly before Todd and a few other men decided to confront the hijackers he called his wife to tell her he loved her and then told the rest of the guys “Let’s Roll” and we all know what happened next.

It surprises me that a lot of people never heard this story. I guess I can understand it because there was a lot of news to digest that day, but when Neil Young heard this story he sat down and wrote this song.  I have seen a lot of 9/11 tribute videos today and a lot of patriotic songs, etc., but this is the one that I decided to go with because it tells a different story.  Yes, as Americans we can sometimes be vulnerable or fall victim to sneak attacks from our enemies, but there is one thing you have to remember, we won’t take it sitting down, we are going to do our best to kick your a$$!

If you want to read more about Todd Beamer and Flight 93, there’s some good info on Wikipedia and also on United Heroes. His family went on to set up the Todd Beamer Foundation; you can learn more about that here.


No sooner had I posted this than someone sent me a link to this YouTube video, which shows a re-enactment of what happened on Flight 93.  This is kind of tough to watch, but I think that it’s important to honor heroes like this so they and their sacrifices are not forgotten.

Current Projects: Powersite Ministry Solutions

I blogged a while back about our content management solutions for churches and evangelists, and I think that I have gotten more inquiries about ministry websites than any other type of project since then. This got me to thinking: what if we just set up a ministry-specific site dedicated to promoting our ministry website solutions, and even throw a few blog posts in from time to time with helpful tips for streaming video, or running your podcasts through iTunes?  The more I thought about this, the more determined I became to make it happen.  I bounced this idea off of my partner Greg a few times too and he thought it was a good idea as well, so I started hashing out the outline for the site.

It took me about 4 months or so of working on the content and design elements in my spare time.  I finally came up with a design that I am comfortable with; of course it’s going to have to be tweaked a lot, my OCD catches things that the normal eye just passes over.  I went ahead and launched the site this afternoon because I figured it couldn’t hurt anything; the powersitedesign.com domain has sat there dormant for the better part of 2 years without any content updates.  I hope this new site has the desired effect, I would love to see our list of ministry clients double before the end of the year.

If you are interested, we do have a very comprehensive package for churches that will allow them to do everything from manage the content on their website to live video streaming of their services, and pretty much everything else in between.  You can visit the all-new Powersite Ministry Solutions website for a full description of our ministry solution, see some examples of our most recent ministry projects, learn how to use social media to expand your online ministry, or request a free consultation regarding your ministry project.


Current Projects: Streamlining Project Discovery

I have been developing websites for a long time now and over the years I have seen a lot of changes in the way that we, as developers, approach projects.  I suppose a lot of this has to do with the fact that we not only approach projects differently but we also build them differently. 

Personally, I wouldn’t have dreamed of using an open source content management system or framework about 7 or 8 years ago because a lot of these solutions weren’t mature enough to be trusted, especially from a security standpoint.  Of course, the polar opposite is true today: many popular content management solutions like WordPress, MODx, Joomla, and Drupal have all matured and are viable options for building web projects in.

While a whole lot has changed in terms of how we develop projects, one aspect of what we do hasn’t.  Project Discovery, or the initial conversation you have with a prospective client prior to quoting out their web project, is extremely important.  During this process I like to try to get my head around everything the client wants to achieve with their website.

Phase One:

This initial conversation, or Phase 1, usually consists of the following determinations…

  • Do they require content management?
  • Do they plan to blog or publish news releases?
  • Do they need graphic design / photography / or page layouts?
  • Do they have a rough project outline?
  • Do they have content writers, or will we be quoting this out?
  • Do they plan to capture any user data?
  • Do they need any custom applications or functionality?
  • Do they need to plugin or interact with any third-party applications?
  • What is their timeframe for testing / launch?
  • Do they also need email?
  • What is their budget?

Phase Two:

Once I have all of the answers to Phase One I can pretty much start on a proposal, but before delivering the final cost analysis to the client I usually will follow up with them regarding our initial conversation about the following…

  • Has anything changed since we last spoke about the project?
  • Can we nail down the project outline and go through it to make sure we haven’t left anything out?
      • If the project requires capturing data or any custom programming, can we nail down the specifics and build a model of how they envision the project functioning?
      • If the project requires interacting with a third-party application or service, do we have a method for me to test this functionality?  Is there support documentation or point of contact for this service?
      • Who is going to be my point of contact during the project?

Once I have all of this information in my head, and I have already gone over our policies and procedures for dealing with scope creep and additional development costs down the road, I am usually ready to build them a proposal based on the information I have.

Since most of the discovery information I get from clients comes through either web conferencing or telephone calls, I simply jot down these notes in my notebook and pull from that while making the proposal.  A few years ago I would send the prospective client my discovery notes along with my proposal just so that there wouldn’t ever be any confusion once the project got started.  Over the years I have stopped doing this but I got to thinking today that it might not be a bad idea to start doing this again.

What Got Me to Thinking About This?

Today my business partners and I were on the phone with a potential new account and were asking him the usual discovery questions regarding his project.  My partner Stephen had already spoken with this person briefly so he took the lead on the call; my partner Greg and I listened in and chimed in with any questions we might have.  While this was going on, I jotted down a few notes in my notebook about the project, even though I had already more or less made the determination, as did my partners, that I was more than likely not going to be the one developing this project.  Internally we are able to discern which one of us is best suited to manage a project; sometimes even from the initial conversation we are able to make this call…

When we got on the phone after the conference call with one another we all agreed that it would more than likely be a project that Greg would oversee.  But, let’s say that Greg gets bogged down and needs for me to pick up and help him out on a project; it would be nice for me to have access to the discovery notes that Greg has put together regarding the project.  We currently use Basecamp for project management but it doesn’t do a detailed job of capturing discovery data in my opinion, so I got to thinking what we could do to build onto this…

Idea for Custom Application

I am going to build a custom application that we can enter discovery notes for projects into via a form online during our conversation.  I am also going to have this form be accessible from our BlackBerrys and iPhones as well.  Of course, once all of the project discovery information is input we will be able to generate a PDF or Word document from the data entered.  I haven’t got the entire schematic worked out in my head as to what this is going to look like yet and I haven’t started on it, but once I have something rough, I will be sure to post an update here.

Just out of curiosity, what do you use for your project discovery process?  Be sure to leave me your comments below…

I am Really Liking Disqus

I knew that I was going to like Disqus a lot before I installed it on my blog, but I don’t think that I realized just how much.  My first observation after installing Disqus was that I immediately got about 3 or 4 comments on a few of my posts.  One of the posts was several months old.

Prior to installing Disqus I had about 140+ registered users that had left comments on my blog, most using Facebook Connect and a few had registered via WordPress.  Well, just by giving my readers the ability to post using authentication from Twitter, Facebook, Disqus, and OpenID has dramatically improved the dialogue I have with my subscribers / readers.  I strongly recommend Disqus to anyone looking for an enhanced commenting platform.

My Observations from the Razorback Opener

This past week has been a blur for me so I apologize for the late post regarding the Razorback opening game.  My wife’s grandfather passed away a few days prior to the game so we naturally weren’t in the right frame of mind going into the game but we quickly perked up after the kickoff in which we ran the ball all the way back for a touchdown.

In my jubilation I accidentally knocked one of those hearing devices you can order on television for $19.95 out of an elderly gentleman’s ear that was seated beside me when my attempt to give a total stranger a high five went terribly off target. This is a story within itself but I will spare you the details of our seating agony during the game.  I will just say that I was forced to squeeze in behind a 350lb dude that had one of the longest, tallest heads I have ever seen and an elderly gentleman that couldn’t hear a word that was announced during the game and had to ask me each time a flag was thrown what the penalty was for.  My preference for ballgames is within the comforts of my parents’ air-conditioned box in Fayetteville and I guess I am ruined now…

All in all the Hogs played great I thought; it was hard to gauge how good we are going to be, however, because we didn’t see enough of Ryan Mallett.  Tyler Wilson looked good, but is not anywhere in the league with Mallett.  He (Mallett) was so poised and relaxed in the pocket that I think we are going to see great things out of him when we do face some opposition on defense.  He never panicked.

Having been to several games during the Houston Nutt era at Arkansas, this game was a strong contrast, we moved the ball, and never wasted any downs trying to make a hole somewhere there wasn’t one.  Oh, and by the way, in case you missed it, Houston Nutt took his Ole Miss team into Memphis this weekend and demonstrated once again how to take a much more talented team into a game and almost throw it away.

Other players I was impressed with during the game were Wendell Davis, Wingo and Michael Smith.  I also hope London Crawford is ready to go soon, I haven’t heard a report on his injury yet.  If anyone knows anything on this be sure to let me know.  Here’s the report from KTHV about the game:

The Arkansas Razorbacks began year two with Bobby Petrino by racking up 447 yards through the air in a 48-10 thumping of Missouri State. In the state of Arkansas, black bear hunting season typically does not begin until the winter. Second-year head coach Bobby Petrino and the University of Arkansas Razorbacks got a head start with a 21-point first quarter to begin a 41-10 rout of the Missouri State Bears before a sellout crowd at War Memorial Stadium. The Razorbacks, 1-0, passed for a school record 447 yards behind the efficient work of sophomore Ryan Mallett and freshman Tyler Wilson. Both quarterbacks had sustained touchdown drives for the Razorbacks as Arkansas combined to hit 30 of 41 attempts with a lone interception. Missouri State drops to 0-1 in the season opener for both teams.

"We came down here and did what we set out to do," UA head coach Bobby Petrino said. "I was really happy with our preparation and the way that we traveled. We are a more mature team than we were a year ago and it showed in the game. There is a lot we have to learn, but first and foremost I want to emphasize the positive aspects. We will get to work and fix the negatives by next game."

The Razorbacks took control of the game at the kickoff as Dennis Johnson took Matt Hottelman’s opening kick off 91 yards for the first touchdown of the 2009 season. The PAT from Alex Tejada gave Arkansas a 7-0 lead 18 seconds into the game and led the way for the first 21-point quarter of offense in the Petrino Era at Arkansas. "That kickoff return was demoralizing," Bear cornerback Cedric Alvis said. "College football is all about momentum and we started out without momentum."

Nearby Rogers, Ark., product Cody Kirby managed a first down after the Razorback kickoff, but under pressure from Freddie Burton hurried his pass and was picked by Wendel Davis. Mallett opened his Razorback career with a completion, and guided Arkansas to a short six-play, 46-yard drive capped by a 15-yard untouched draw from Michael Smith for the touchdown. "The opening kickoff and the interception put us in a hole and we’re not a sure enough or good enough football team yet to overcome that," MSU head coach Terry Allen said. "I did see some things in the second half that showed me we were better this week." Missouri State managed to get on the board when Hottleman connected on a career-long 53-yard attempt with 3:16 left in the first quarter. The Razorbacks responded before the end of the quarter with a one-yard touchdown run by Broderick Green, set up by a pair of receptions from Mallett to Jarius Wright.

Petrino went to his backup quarterback, Tyler Wilson, for the next series, and the 6-3 freshman led Arkansas to its fourth touchdown of the night. Wilson’s drive saw two fourth down conversions, including the two-yard TD pass to Van Stumon. "I was happy with both of the quarterbacks tonight," Petrino said. "Ryan did a very good job showing a good demeanor and leadership. He got hit a couple times and it was a good thing. He stayed in the pocket and made good decisions. I was happy with the protection, timing, the way the ball came out of his hand and of course the accuracy." Trailing 28-3, Missouri State put together its first touchdown drive of the night, aided by a fourth-down pass interference penalty in the Razorback end zone. After the flag, Jonathan Davis punched the two-yard run in for a 28-10 deficit.

Mallett returned to the game, and took his consecutive pass completions to nine before his first miss. Moving the Hogs inside the Bears’ four yard line, Tejada came on with 14 seconds left in the half to pick up his first field goal of the season with a 20-yarder to send the teams to halftime at 31-10. "This game was everything I expected it to be," Mallett said. "It has been my lifelong dream to come out and play as a Razorback." Wright closed the first half with more receiving yards, 123, than the entire Missouri State offense as the Bears put up only 120 total yards. The Razorbacks had 290 yards in the first half, mostly through the air thanks to a 16-of-20 overall effort for 251.

Each time it appeared MSU could find life, notably three penalties that extended Bear possessions, Arkansas would deliver another crushing blow. After an interception of Kirby at the Arkansas one yard line by Tramain Thomas, the Razorbacks proceeded to march 99 yards in just 94 seconds to score. A 40-yard rambling weave through the Bear secondary by Joe Adams facilitated by key downfield blocks by his fellow receivers ended the lightning drive, and put Arkansas up 38-10 early in the third.

Missouri State couldn’t even win a video challenge from the Razorbacks, as a late fourth quarter punt was ruled to not touch an Arkansas player, giving the ball back to the Hogs. Arkansas’ offense was almost perfect, going until the final 1:43 of the game before a turnover as Wilson was picked off by Antonio Brown of MSU. The Bears could muster no further offense, closing the game with only 205 total yards. Arkansas racked up 591 as a team, adding 144 on the ground. Ronnie Wingo, Jr., led the team with 50 net yards, but Smith used his four carries to rack up 43 yards and a touchdown, a 10.8 yards per carry average.

Wright closed with 139 yards on six receptions to lead the Razorbacks. Three other Razorbacks – Joe Adams, Cobi Hamilton and Greg Childs – had four catches. On the evening, Mallett finished his first start for the Razorbacks by hitting 17 of 22 for 309 yards and one touchdown. Wilson was 13 of 19 for 138 yards. By comparison, MSU’s Kirby managed only 13 of 22 with two interceptions and just 205 yards.

One other highlight from the game that happened away from the field and in the midst of all of the tailgaters that I would be remiss for not mentioning happened as we were making our way to our seats.  I witnessed a “well-endowed” young lady, who was obviously under the influence, raise her shirt and shake her breasts at the crowd as we were making our way into the stadium.  The only thing she had on was two plastic Razorback pasties.  Trust me, I couldn’t get to my iPhone in time or you would be seeing that shot here this morning…  Amazing. haa.  My wife fortunately didn’t see this incident or it might well be my last tailgating experience. :-)

Petrino Opens 2009 With Offensive Record – todaysthv.com | KTHV | Little Rock, AR

Making Some Health / Fitness Decisions

This past week not only did we bury Donna’s grandfather but I also had a friend from high school, who was about my same age, pass away from a massive heart attack.  This hit home for me and has had me really thinking a lot about my health the past few days.  In just 3 years I am going to hit 40, a number I used to think was old, but now realize is middle-aged.

One of my goals going into 2009 was to lose weight and get into shape.  I assume responsibility for most of the reasons why I haven’t been able to achieve this goal. There have also been a few unforeseeable obstacles thrown my way that have hindered my plans as well.

Low Testosterone (T) Levels

One of these obstacles was the discovery that I have low T levels. This is something that is hereditary for men in my family and for the most part it can be treated easily.  The monkey wrench for me though was that the normal course of treatment for low T levels, Testim gel, has adverse side effects if you are trying to have children.  It all but zaps your sperm count. I know, that doesn’t sound right, but my endocrinologist recently confirmed this to me (after we had spent several months trying to get pregnant not knowing this).

To address the low T levels my endocrinologist prescribed HCG injections.  If you are unfamiliar with HCG, it’s basically the hormone that is produced by pregnant women; it also works to stimulate men into making more testosterone naturally.  The downside of going to HCG was that it took a while for it to get into my system, approximately 2 or 3 cycles before I could tell it was working.

In case you are wondering, when your T levels are low, you barely feel like getting out of bed in the mornings, much less exercise.  By using the HCG, we have finally been able to get to a place where I am feeling better.  My last lab work also confirmed that my T levels are getting back up to where they should be. By far, low T levels have been my biggest obstacle so far this year toward getting into shape.

High Blood Pressure

A few weeks ago while I was having a routine checkup with my doctor he informed me that I had hypertension, or high blood pressure.  I also have an abnormally high pulse rate as well.  This was pretty frustrating for me because up until this point I had never had high blood pressure.

I have always said that I was not going to grow old gracefully, and that’s probably right.  When I see grey hairs starting to come through in my hair, I immediately schedule a haircut.  I don’t know why this is but I just don’t ever want to see myself as old I guess.

To treat the high blood pressure, my doctor prescribed Lisinopril.  I was taking it for a few weeks and checking my blood pressure daily, only to find that it wasn’t bringing my pressure down.  I would routinely register 178/114 and my pulse rate is always about 120.  I have been using an iPhone app to track my pressure so I called the doctor’s office and let them know that it was still high and gave them my readings.  My doctor called back that same afternoon and instructed me to double down on my blood pressure meds.  So far I haven’t seen a noticeable change other than my top number is a little lower.  I go back in a week or two to see him again for a follow up; hopefully then we can look at some alternatives to getting my pressure down.

Diet and Exercise

Prior to moving to Conway, I had a pretty regular routine where I would get up in the mornings and jog about 3 miles.  Of course some mornings I would skip, but for the most part I was conditioned to where I could jog 3 miles with ease.  Fast forward 4 years down the road, I am married and lazy! I can’t possibly run one mile right now and am scared to even try given the fact that my blood pressure is so high.

I am not giving up though, I am going to talk to my doctor at this next checkup and see what we can try to lower my pressure and I am going to talk to him about my diet and exercise.  When I was single I was able to keep the weight off by eating a high protein, low carbohydrate diet and exercising.  Getting married has changed all of that though, in fact, the longest I have been able to get back on this diet and stay on it has been for like 3 weeks.  I have got to get motivated though and stick to my game plan.  My body has always responded well to this type of diet and there’s no reason why it shouldn’t work for me again if I can just stay on track.

Once my blood pressure is back to normal, which I am hoping will be in a few weeks through treatment, I plan on getting back into shape by doing a combination of running and walking through my neighborhood.  This is going to take the most dedication I think, I am going to have to make myself get up in the mornings and push myself to get back into shape.  I will be starting from scratch so hopefully even the modest improvements will keep me motivated and not frustrated.

The Warriors Barely Escape UCA (25-20)

Last night at midnight, I tuned into the UCA / Hawaii ball game that was being televised on channel 42.  I have to admit, I was pretty impressed with UCA and the way they were able to shut down Hawaii’s offense and force a turnover on their first possession.  I was also impressed at how UCA was able to bring the ball down the field and put it in the end zone.

This is going to be an exciting season for UCA and I hope to make it over to a lot of their games this season.  Just seeing them do that well against a much larger school really impressed me.  Of course I fell asleep shortly before halftime and didn’t wake up until 4am so finding out that Hawaii pulled it out surprised me.

To my knowledge Nathan Dick, transfer from the Razorbacks, didn’t get to play any last night.  I have heard rumors that he was injured so that might have been the case.  I am not a big fan of anything from the Houston Nutt era infiltrating UCA…

Rodney Bradley made a leaping grab of Greg Alexander’s 8-yard pass in the back of the end zone with 1:22 left tonight to give Hawai’i a pulsating season-opening 25-20 victory over Central Arkansas at Aloha Stadium.

The Warriors appeared to be doomed after slotback Kealoha Pilares was stripped of the football at the doorstep of the goal line with about 7 minutes remaining. But the Warriors forced the Bears to punt on their ensuing possession and took over at their 26 with 2:26 to play.

Alexander then threw to slotback Greg Salas in the left flat. Salas eluded a would-be tackler, then looped to the right and cut back across the field. He was finally tackled at the 8 after a 66-yard gain. Three plays later, Alexander rolled to his right and threw high to Bradley, who made the leaping catch.

Central Arkansas’ last possession ended when blitzing linebacker Corey Paredes hit quarterback Robbie Park just before he released a pass, and nickelback Richard Torres recovered at the Bears’ 2 with 1:02 left. Hawai’i then ran out the clock.

Brent Grimes scored on a 1-yard run with 10 minutes left to help the Bears regain the lead at 20-19. It was Grimes’ third touchdown of the game. The Warriors had taken a 19-14 lead on Alexander’s 3-yard scoring pass to Pilares and Scott Enos’ 36-yard field goal.

The Bears dominated nearly every phase in the first half in establishing a 14-9 lead.

Central Arkansas is a probationary member of Division I-AA, which offers fewer scholarships and usually has a considerably smaller budget than Division I programs. Still, the Bears, who lost several key offensive players from last year’s 10-2 team, made the right plays at the right time in controlling the first half. Central Arkansas mixed a power running game with a spread passing attack that often featured up to five receivers.

Even when the Bears appeared to set up a running play — going with two tight ends — they still managed to complete a pass to the lone receiver. The Warriors entered with concerns on defense. Their defensive leader, middle linebacker Brashton Satele, underwent season-ending shoulder surgery last week.

Their lone returning full-time starter, defensive right end Fetaiagogo "John" Fonoti, was not on the game’s active roster because of a bruised left kneecap. Yet it was the Warriors’ much-heralded offense that struggled. Their first five possessions ended with two lost fumbles (both by Alexander), an interception and two punts.

The Warriors’ opening drive was abbreviated to two plays. Alexander was sacked by defensive end Larry Hart. Defensive end Markell Carter recovered at the UH 22.

Four plays later, against a five-man stacked front, Grimes found an opening on the right side for a 1-yard touchdown run. The Warriors closed to 7-2 when Daniel Herrington snapped the football over the head of punter Jonathan Beard. Beard chased down the ball at the 2, and kicked it out of the end zone for a safety.

But the Warriors, who would receive the ensuing free kick, squandered a scoring opportunity when safety Pieri Feazell intercepted an Alexander pass in the end zone.

In their first possession of the second quarter, the Bears drove to the UH 4. From there, Park threw a screen to Grimes in the right flat. Grimes caught the ball at the 4, and weaved his way into the end zone for a 14-2 lead.

The Warriors cut the deficit to 14-9 on Alexander’s 4-yard scoring pass to Salas at the end of a crossing route. Salas, who had moved from left wideout to slotback in spring training, had sustained the drive with a 44-yard, catch-and-sprint play.

Park, a fifth-year senior but first-year starter, completed 12 of 17 first-half passes for 113 yards. In the first half, Alexander was 9 of 16 for 132 yards, although 63 of those yards came on the Warriors’ touchdown drive.

Warriors escape with 25-20 victory over Central Arkansas | HonoluluAdvertiser.com | The Honolulu Advertiser

Ruby on Rails Vulnerability

So apparently there was an XSS vulnerability patched yesterday in Ruby on Rails that affected Twitter and Basecamp. The spin that a lot of people are trying to put on this story is that IE8 was immune to the cross-site scripting vulnerability, but I think that the focus should be put on the fact that Ruby, while powerful and extremely popular, is still somewhat new and things like this are just going to happen until it matures.

A cross-site scripting (XSS) vulnerability that was patched on Thursday in Ruby on Rails affected several widely-used Web services including the popular Twitter microblogging Web site and Basecamp, a project management tool created by 37Signals from which the Ruby on Rails framework originated.

Security researcher Brian Mastenbrook uncovered the bug when he was conducting a serendipitous test of unicode handling in Twitter. He discovered that he could circumvent the site’s string sanitization mechanism and inject a JavaScript payload. It falls into the category of a non-persistent or "type 1" XSS vulnerability.

"After seeing a bug in Unicode handling in an unrelated program a few weeks ago, I suddenly had an idea: ‘I wonder if there are any web applications which have Unicode handling problems that might be security issues?’," Mastenbrook wrote in a blog entry. "My attention quickly turned to Twitter, the only web application I had open at that moment. A few minutes later, I had JavaScript from a URL query parameter falling through the escaping routines and running in the main body of twitter.com. Bingo! Cross-site scripting, the stuff that Twitter worms are made of."

When he was able to reproduce the glitch at Basecamp, he began to suspect that the flaw was inherent to Ruby on Rails, the popular Web framework used by both Web sites. He attempted to contact Twitter and 37Signals to get further assistance in isolating the bug. After conclusively determining that Rails was the source, he provided the relevant information to the Rails team so that they could address the issue.

The vulnerability was disclosed to the public on Thursday when the Rails team published a patch. According to the relevant Rails security bulletin, the issue affects all versions of Rails 2.0. New 2.3.4 and 2.2.3 releases have been issued with the fix rolled in. Users of prior series are encouraged to apply the patch themselves.

In his blog entry, he describes the process that he used to responsibly disclose the vulnerability to the major affected Web site operators. His interaction with the Twitter and Rails developers went smoothly, but he complains that 37Signals was dismissive and unresponsive. He criticizes the company for touting its security while failing to provide an appropriate channel for researchers to report vulnerabilities.

Another issue that he discusses in his blog entry is how XSS vulnerabilities can be mitigated by various tools. He praises Microsoft’s Internet Explorer 8 Web browser which was immune to the vulnerability he discovered thanks to its built-in cross-site scripting filter. He strongly endorses the concept and says that other browser vendors should adopt it.

Ruby on Rails vulnerability affects Twitter; IE8 immune – Ars Technica
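The article above describes JavaScript "falling through the escaping routines" because of a Unicode handling problem. The following Ruby is an added example, not code from the Ars Technica piece, from Rails, or from Twitter or 37signals; it contrasts an HTML escaper that works byte by byte and ignores the validity of its input with one that normalises the input to well-formed UTF-8 before escaping, which is the general defence against this class of bug. The function names, the escape table and the malformed sample input are all constructed for the illustration.

```ruby
# Added example (not code from the article, from Rails, or from any of the
# sites it names). Function names, the escape table and the sample input are
# constructed for this illustration.

# Characters that carry meaning in HTML text and attribute contexts.
HTML_ESCAPES = {
  '&' => '&amp;', '<' => '&lt;', '>' => '&gt;',
  '"' => '&quot;', "'" => '&#39;'
}.freeze

# Naive escaper: substitutes the special characters byte by byte and then
# labels the result UTF-8, as a template engine would before sending it to
# the browser. Any malformed multibyte sequence in the input survives, so the
# browser is left to guess how to decode the bytes around the escapes.
def naive_html_escape(str)
  str.b.gsub(/[&<>"']/) { |c| HTML_ESCAPES[c] }.force_encoding(Encoding::UTF_8)
end

# Hardened escaper: label the input UTF-8, replace every invalid byte sequence
# with U+FFFD, and only then escape. The output is always well-formed UTF-8,
# so no escape character can be absorbed into a broken multibyte sequence.
def safe_html_escape(str)
  cleaned = str.dup.force_encoding(Encoding::UTF_8).scrub("\uFFFD")
  cleaned.gsub(/[&<>"']/) { |c| HTML_ESCAPES[c] }
end

# Constructed test input: a truncated multibyte sequence (0xE2 is a UTF-8 lead
# byte that expects two continuation bytes) right before markup characters.
MALFORMED_INPUT = "name=\xE2<b>".b.force_encoding(Encoding::UTF_8)

# Side-by-side report of what each escaper produces and whether the result is
# valid UTF-8; used by the stand-alone run below.
def escaping_report(input = MALFORMED_INPUT)
  naive = naive_html_escape(input)
  safe  = safe_html_escape(input)
  {
    naive_output: naive,
    naive_valid_utf8: naive.valid_encoding?,
    safe_output: safe,
    safe_valid_utf8: safe.valid_encoding?
  }
end

if __FILE__ == $PROGRAM_NAME
  escaping_report.each { |key, value| puts "#{key}: #{value.inspect}" }
end
```

The point to check in your own code is the second property, not the first: an escaper can substitute every `<` and `&` correctly and still hand the browser a byte stream that is not valid UTF-8, and what the browser does with those bytes is outside your control. Validating or scrubbing the encoding at the boundary (on input, or at the latest before escaping) removes that ambiguity.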

LeGarrette Blount Punches Boise State Player

I am so glad College Football is back, and to top things off last night LeGarrette Blount from Oregon decided to punch a Boise State Player after the game.  What gets me is why the rest of Boise State didn’t jump on him and flog him??  Oh, and one more thought, that whole ceremonial handshake thing before the game, we don’t need all that…