Search Results for: node/hiding in plain

Hosting Issues

So I have had this hosting provider since 2005 and they have been bought out a couple times.  Some of the pluses though include the fact my email is hosted in Exchange, unlimited disk space, and supposed unlimited bandwidth (found that today).  I have never had any issues at all requiring extensive customer support until this past week.

Starting last week Windows Live Writer stopped posting correctly to my blog.  It had happened intermittently previously and I figured it was another glitch.  After the issue didn’t clear in 24 hours to the support console I went.

Date Type
09/15/2011 12:10 AM EDT Ticket Created
09/15/2011 12:10 AM EDT TMM contacted PowWeb
Subject:

Problems with libXML2

Customer Quote:

Earlier this year I started using XMLRPC to post content to my blog. Start in July I had incidents where posts would have the tags brackets(<>) stripped off. I ignored it figuring it was a glitch when it started working a couple days later. 

Starting about the middle of last week though this issue has become permanent. While I was normally easily able to work around it, the work around fails when I am posting images. 

Have there been any changes to the server configuration recently? 

I know it was not caused by a site configuration change because 3 other sites all exhibit the same behavior that are not used as frequently. 

Currently this is still just in the annoyance category, but as I start needing to put more pictures in content its’ going to increase on my ladder. 

All assistance I could find online pointed to server configuration with PHP version and libXML version issues. 

Thank you, 

TMM

09/15/2011 4:00 AM EDT Updated Ticket: Work in Progress
09/15/2011 7:53 AM EDT Updated Ticket: Work in Progress
09/15/2011 8:51 AM EDT Updated Ticket: Work in Progress
09/15/2011 9:50 AM EDT PowWeb contacted TMM
Subject:

[P08757884000000000] Problems with libXML2

Comment:

Hello, 

Thank you for contacting Support. 

We apologize for any inconvenience this may have caused you. In order to further investigate on your issue, please get back to us with the following information: 

1) Exact steps to duplicate your issue. 

2) URL of the page. 

3) WordPress username and password. 

Thank you! 

Sincerely, 

Kaila Pearson 

Customer Support

09/15/2011 9:19 PM EDT TMM contacted PowWeb
Customer Quote:

Drupal User Info: 

Username: TestUser 

Password:

URL: http://www.the-minuteman.org Full URL varies based on post title, it happens when content is published or sent as a draft to the server. Reproduction steps below show how to make it appear on the front page. 

Reproduction steps: 

1) Configure Windows Live Writer for an “Other services” blog and point to http://www.the-minuteman.org 

2) During configuration tell it to identify the blog theme. 

3) At this point configuration will hang because the post displayed on the front page website (http://www.the-minuteman.org) is incorrect. For example I get the following: 

pThis is a temporary post that was not deleted. Please delete this manually. (1eb91935-d1da-4e9a-85fd-82ce1220f24d – 3bfe001a-32de-4114-a6b4-4005b770f6d7)/p 

This should actually be: 

<p>This is a temporary post that was not deleted. Please delete this manually. (1eb91935-d1da-4e9a-85fd-82ce1220f24d – 3bfe001a-32de-4114-a6b4-4005b770f6d7)</p> 

But the tags were stripped, and the inner text passed through as part of the blog post text. 

Alternatively, you can skip the theme detection and attempt to post to the blog through Live Writer. The content within the post will exhibit the same loss of tags. 

Draft posts can be open and viewed from this listing: 

http://www.the-minuteman.org/admin/content/node 

For some reason the tags are being stripped off and every piece of information I have found points to server configuration, not blog software.

09/15/2011 9:30 PM EDT Updated Ticket: Work in Progress
09/15/2011 10:54 PM EDT PowWeb contacted TMM
Subject:

[P08757884000000000] Problems with libXML2

Comment:

Hello, 

Thank you for contacting Support. 

We apologize for any inconvenience this may have caused you. Could you please get back us with the exact URL where you are trying to login to Drupal admin page, so that we can assist you further. 

Please reply to this email with the requested information, so that we can assist you further. 

Sincerely, 

Riley Malson 

Customer Support

09/16/2011 12:26 AM EDT TMM contacted PowWeb
Customer Quote:

This is not tied to my Drupal web browser interface but the XML-RPC interface that different external programs use to post content. 

The symptoms of the failure are visible on my blog. Here is an example post that failed. 

http://www.the-minuteman.org/content/2011/September/15/failed-test-post-TMM 

09/16/2011 12:27 AM EDT Updated Ticket: Work in Progress
09/16/2011 12:41 AM EDT Updated Ticket: Work in Progress
09/16/2011 12:41 AM EDT Updated Ticket: Work in Progress
09/16/2011 2:31 AM EDT PowWeb contacted TMM (Resolved)
Comment:

Hello, 

In order to further investigate, could you please get back to us with the Drupal admin login details. 

If you have any further questions, please update the Support Console. 

Sincerely, 

Mae Silva 

Technical Specialist

09/16/2011 8:24 PM EDT TMM contacted PowWeb
Customer Quote:

Here is the primary user account information: 

Username: TMM 

Password:

09/16/2011 8:44 PM EDT Updated Ticket: Work in Progress
09/16/2011 9:49 PM EDT PowWeb contacted TMM (Resolved)
Comment:

Hello, 

Thank you for your reply. 

I have checked there is no error logs to investigate further on this issue. Since Drupal is the third party application I suggest you to contact the vendor of the application. 

If you have any further questions, please don’t hesitate to reply through Support Console. We are available 24×7. 

Sincerely, 

Neville Kodner 

Technical Specialist

09/17/2011 1:26 AM EDT TMM contacted PowWeb
Customer Quote:

I have investigated the drupal forums regarding this issue and I have gone one step further and mirrored my site on to a local development server I use for updates. 

The mirrored version of my site, a fresh copy of files and snapshot of the database, placed within my test environment works as it should. I fail to see how this is my blog software or site configuration when I can turn the problem on and off by placing it on my test server here or uploading it to Powweb. 

Not to mention the fact that it was running reliably at the beginning of August and I have not done any changes to configuration other than unrelated module updates. The issue also has seemed to come and go, finally becoming permanent over the past week. I initially ignored it thinking it was a glitch because it would come back later. 

All information I have been able to find regarding this type of issue online points again to the web services host, not the drupal software. 

My test server is running PHP 5.3.2 

Apache 2.2.14 

SQL Version 5.1.46 

Here is the exact error in the Drupal forums: 

http://drupal.org/node/415566 

Here is a similar issue in the Drupal forums: 

http://drupal.org/node/347298#comment-1209085 

http://drupal.org/node/347298#comment-1295684 

I’m confused though since you guys are running 5.2.17 and the issues reported were with 5.2.8. However this has turned on and off entirely on it’s own on your servers with my altering absolutely nothing in the configuration or settings within my blog. Meaning something changed in the hosting configuration. 

There are no error logs because it is a function erroneously stripping out data that it should not. Drupal gets a result from a function call that it thinks is correct but is in fact wrong.

09/17/2011 1:28 AM EDT Updated Ticket: Work in Progress
09/17/2011 1:37 AM EDT PowWeb contacted TMM (Resolved)
Comment:

Hello, 

Thank you for your reply. 

We support PHP version 5.2.17, Apache version 1.3.33 and MySQ version 5.0.45. 

If you have any further questions, please update the Support Console. 

Sincerely, 

Ariel Danson 

Technical Specialist

09/17/2011 1:42 AM EDT TMM contacted PowWeb
Customer Quote:

Has your supported versions changed since June? Something has changed and it doesn’t appear to be by my hand. I created a virgin test site and it is having the same problems. 

I have been using Windows Live Writer since January without issue until about the middle of last month.

09/17/2011 1:42 AM EDT Updated Ticket: Work in Progress
09/17/2011 1:46 AM EDT PowWeb contacted TMM (Resolved)
Comment:

Hello, 

Thank you for getting back to us. 

We apologize for any inconvenience this may have caused you. We have not changed the supported version recently. Please reinstall the application or contact the application provider to fix the issue. 

Thank you! 

Sincerely, 

Aden Nelson 

Technical Specialist

So maybe I’ve been spoiled by the company I work for by the fact that we think customer service is a big deal.  Ownership of a problem is a big deal.  Making sure the customers problem is solved is a big deal.  Getting to root cause is a big deal.  Notice how it was marked resolved long before anything was actually solved.  Very quickly they blamed it on third party software without any actual proof.

This company has totally shifted the blame for the problem from them to me. Ignoring the fact that this has happened on two independent Drupal installs who’s configurations haven’t changed.  No single individual took lead to deal with this problem and just bounced it around.  I’m stuck copying and pasting the source code from WLW into the submission form in Drupal.  Any pictures I want to submit become an arm twisting game of getting the URL correct to point to the image if I’m uploading it.

I just checked, I have prepaid 2 years of hosting starting in Nov 2010.  That gives me a year to come up with a new hosting solution and a solid game plane for site and email migration.  I will actually probably move earlier because I pay per month for my Exchange hosting and if I can find it cheaper, that’s money back in my pocket that I haven’t spent yet.

In the past I was more than happy to recommend Powweb to friends but given the first time I really had a serious issue and support utterly face planted.

If anyone has any input on what the problem might be, here’s an example of what happens when I submit through WLW currently.  I have disabled the TestUser account, and regenerated a new site password for myself since they think this issue is resolved they no longer require access.  Keypass makes stuff like this much easier to handle.  I am NOT going to close this ticket until I find a resolution to this problem.  WLW worked without issue from January to the beginning of August.  At which point I had a few flaky issues, but they always came back.  Then last week it died permanently.

I am going to continue posting new content, I won’t be putting many of my own pictures up except through my photo gallery.

So I am all ears on good hosting providers that support PHP, MySQL, and Exchange services.  I’ve got time and if I move early I’ve got some side sites that can live out there that can die around November 2012.  I know I could host myself, my bandwidth out in BFE though isn’t that great and I hate general IT maintenance with a passion.  So fellow bloggers, what would you recommend.

SSCC Honorable Mention – Chillicothe PD

A Chillicothe police officer who retired this year has been charged with sex crimes involving a 15-year-old girl.

This one is unlike the others in the fact that this one doesn’t involve an officer being assigned to a school.  However this is yet another example of a predator looking to hide in plain view.  Even more than just hiding in plain view, they are seeking positions which will provide them a blanket of trust.

McKee served on the Chillicothe police force from 1986 until he retired on March 1. The allegations against him did not arise until after his retirement, Schmidt said. McKee also has been a minister with Liberty Hill Christian Union Church since 2009.

Not only was he a cop, but a minister too.  Both of those positions people provide a blanket amount of trust and the serious predators know it.  I wish that the world was a better place, but human nature means that some are predators, some are sheep, and some are sheep dogs.  The most dangerous predators know to appear as a sheep dog.

State Sponsored Criminal Honorable Mention: Richard Eric McKee

Because sometimes the best place to hide is in plain sight.  Even better is to compound positions that will induce trust.

SSCC #194 – Wisconsin SP

A 49-year-old Green County man has been convicted of four felony
counts of sexual assault of a child and two felony counts of incest
involving a child placed in his home for foster care.

James M.
Norquay was working as a Wisconsin state patrolman in February when he
was charged with the crimes in Green County Circuit Court.

Another predator sitting in plain sight hiding as a good guy.  As a note, he was found guilty on all six counts, and he wasn’t just a foster parent but legally adopted the child.  It was a state investigation that caught him.  Even though he’s lost his job and is going to prison, this is still a massive fail.

State Sponsored Criminal Count 194: James M. Norquay

Because hiding in plain sight as a good guy is the best way to get a wide victim selection.

SSCC #83: San Antonio

A 14-year-old boy got into a fight at a school bus stop and the school district’s police officer responded by shooting him to death, the boy’s mother says. She says the cop had been reprimanded 16 times in the previous 4 years, suspended without pay 5 times, and “recommended for termination for insubordination,” but the school kept him on the force “without remedial training.”

Basically the cop was told just let the kid go, we’ll find him later there’s no need to exacerbate the situation and just stay with the victim.  What’s he do instead, throw the victim in the back of his patrol car, drive around the neighborhood looking for him.  At this point the kid is hiding in a garden shed.

Owner of the shed calls police disturbed, and as expected officer hero is the first to arrive.  This is what followed:

Nonetheless, she says: “In violation of NISD police department procedures, Alvarado drew his weapon immediately after exiting the patrol car. With his gun drawn, he rushed through the gate and into the back yard. Within seconds from arriving at the residence, Alvarado shot and killed the unarmed boy hiding in the shed.”

Because at this point he had every reason in the world to believe that the use of deadly force against a 14 year old kid that is hiding because he’s terrified will be totally justified.  Right?  Heaven forbid you just try and talk the child out of the garden shed.  Why would anyone bother to try and be civil about this and not run to the use of force?  Oh that’s right he’s a cop, this is what would happen instead:

Rather than fire Alvarado, the district transferred him to patrol, “an area of duty with less supervision,” according to the complaint.

Seriously instead of being punished, note he’s been moved to a location with less supervision.  Also he’s been reprimanded 16 times.  Between this guy and Officer Roid Rage there’s a clear pattern developing.  Cops are getting get our of jail free cards and evidently they even work with the unlawful use of lethal force.

State Sponsored Criminal Count: 83Daniel Alvarado

Because being a cop allows you to play hero and be judge, jury, and executioner.  Didn’t you see Judge Dread?

via Ry

I’d say I told you so…

But what’s the point? The people who realize that using Javascript for everything is a bad idea don’t need me lecturing them. The people who want to use Javascript for everything couldn’t create a secure system, much less understand the realities of a hostile environment if their life depended on it. Their fandom precedes the ability for critical thinking.

This is why when I read this, this morning;

This impacts Node at the Buffer to UTF8 String conversion and can cause a process to crash. The security concern comes from the fact that a lot of data from outside of an application is delivered to Node via this mechanism which means that users can potentially deliver specially crafted input data that can cause an application to crash when it goes through this path.

I said, “And nothing will change.” At least, as a minor saving grace, HTTP(S) headers do not fall vulnerable to this particular bug, but that’s mainly the headers there is question to the remainder of the processing.

The fact is, nothing is perfect, nothing is fool-proof, and frankly my hate for Javascript is largely due to the people I find who fall over themselves defending it. Does it serve a purpose? Yup, you bet. Is is a hammer that should be used while seeing every problem as a nail? Absolutely NOT.

 

SSCC #244–Harrodsburg

Jason Elder, 31, pleaded guilty to two counts of third-degree rape, 49 counts of third-degree sodomy and 97 counts of first-degree sexual abuse. All of the charges involved one girl, who was 14 at the time.

This is another cop who was hiding in plain sight amongst his prey.  This seems like a pretty light sentence given the severity of the crime and the number of counts.  I wonder if the judge was worried about the ex-officers safety.

State Sponsored Criminal Count 244:  Jason Elder

Because when a predator is placed amongst children what do we expect to happen?  Doubly so when he mascaraed as a good guy.

SSCC Honorable Mention–Volusia County Beach Patrol

A former Volusia County Beach Patrol captain was found guilty Thursday by a jury of solicitation to commit perjury for telling a young woman to lie to authorities during an investigation of sexual activity with teen girls within the agency.

Well the good news is, he was caught, fired and convicted.  However he’s still not getting nearly the punishment he should.  It’s another instance of hiding in plain sight.

State Sponsored Criminals: Jecoa Duane Simmons and Christie Rancourt

Because when you’re a cop, you can have whoever the hell you want.  The law isn’t for you, it’s for everyone else.

SSCC #265 – Northumberland Co

Stop me if you’ve heard this one before.

A Northumberland County deputy, sworn to protect the children that attend the local high school, is currently sitting in a jail cell accused of carrying on a sexual relationship with a female student under his watch.

Yet another wolf hiding in plain sight.  The scariest thing is this is a district with an on going history of problems.

The arrest has shocked a community already reeling from last year’s arrest of 5th grade math teacher Christopher “C. J.” Richardson, who has been indicted for multiple felony and misdemeanor charges including indecent acts with a child, abuse of a child with disregard for life, purchase of alcohol for minor and distribution of marijuana to minors.

Not to mention it appears he committed the acts while on the school campus.  The state put the wolf in the pen with the sheep.

State Sponsored Criminal Count 265: Derek Jones

Because what better way to pick up little girls than to be the trusted police officer.