Oct 03 2008

Izea’s RealRank Security Flaw

Category: PersonalChrisM @ 1:32 am

Perhaps security flaw is over-dramatising the situation, however there is definitely a problem with supposedly private data being easily revealed

IMPORTANT
1) To any Izea/SocialSpark/PayPerPost staff reading this post – I am happy working for you, and DO NOT wish my blog to be removed from your schemes
2) To everyone else, especially those concerned with the way this information is being revealed, I have raised the issue via the Izea support ticket system. However, despite two separate assurances that the problem either didn’t exist, or had been fixed, the issue remains

DETAILS
People who have the ITK code in their sites are able to have their ‘RealRank’ calculated. In essence, this ranking system is designed to replace the (apparently) easily gamed Alexa ranking system. Average visits, pageviews and also relevant inbound links are all proportionately weighed into the final score, with 1 being the best rank, and the higher your rank, the less popular your blog is effectively considered.
The raw data that goes into Izea’s equation can be marked as private, so that only IzeaRank and other already public information is revealed when you look a blog/blogger up.
Or at least that is supposed to be the situation. However, not all pages correctly ‘hide’ this info.
I will use my own blog as an example, as I do not wish to directly publicise other blogger’s info where they wish it be kept private.

PROOF
Visit http://socialspark.com/blogs/chrismerriman-com – this is the blog specific page at Izea’s SocialSpark scheme. Note the (correct) label of ‘Private’ applied to the Daily Average Views and Visitors.
Now visit http://socialspark.com/bloggers/silentlyscreaming/blogs – this is the blogger specific page at Izea’s SocialSpark scheme. Here, both Daily Average Views and Visitors are incorrectly displayed.
Originally, the analytics page for blogs ( http://socialspark.com/blogs/chrismerriman-com/analytics_overview for example) also gave access to the private data.

Should it be required, I’ve obviously kept a screenshot of the problem. I have also tested this problem in both Firefox 3 and Internet Explorer 7, with cleared caches and ensuring I was logged out at the time.

I have made the decision to publicise this problem, in the hope it will finally speed up the remedial action required to ensure that private data is kept that way.

[edit added after first comment was recvd.]
I have added a little more information about the actual two way exchange of information that occurred via the Support Ticket system.

Tags: , , ,

Jul 16 2008

PPP Weren’t Down!

Category: PersonalChrisM @ 2:33 am

I meant to update the situation since my PayPerPost And SocialSpark Down Again? post. It turns out the problem was at my end, as many other sites were also not available. The sites resolved OK, but they just hung with the connection established, not even timing out. After running through the obvious preliminary checks, I asked Ira to contact our pseduo-ISP, and check what the problem was. Nothing at all apparently, the fault must lie with our setup.

I sent this letter, and was happy to receive a reply, quite quickly, on a Saturday afternoon!

(his name removed),

I believe you spoke to my wife, Irina, earlier today. These are the details of the problems we have, I look forward to hearing the solution.

Are our current internet problems because we are on the restricted speed connection right now, as we’ve gone over 10Gb?

This has been happening since Wednesday, possibly one or two days before that.

Problems include…

1) The following sites not working –

http://support.microsoft.com/
http://bitcast-b.bitgravity.com/websitedown/index.html
http://payperpost.com/
http://socialspark.com/opportunities

None of those sites will load, it just states ‘waiting for (name of site)’ constantly. All sites load if I use a web proxy service to test them.
Other sites load ok, the ones given are just examples I’ve noticed so far.

2) MSN Messenger can not connect, but Skype is OK.

3) BitTorrents cause complete failure with the internet connection – ALL downloads/uploads, not just torrents will stop for 10-20 seconds, start again for 10 seconds, then fail again in a loop. This has always been the case, not just since Wednesday.

Attempts to repair or specifically identify the problem…

Confirmed that no proxy server is set, Automatically Detect Settings unchecked, used both FireFox, Internet Explorer 7, Pocket Internet Explorer and NetFront.
I tried the same things on my wife’s laptop, with both a wired LAN connection and WiFi. Exact same problems occur.
I tried the same things on my PDA, using WiFi. Exact same problems occur.
I obviously tried restarting the PCs & the router (a Netgear DG834PN).
I checked the MTU is not set too high (currently 1492) and therefore causing strange fragmentation problems.
I removed the DNS servers I had assigned (OpenDNS, as the ones in this country are quite bad), and used the default ones supplied by Bazis, as well as defining the router itself as the DNS server (which would only cause the PC to use the default Bazis ones anyway). This was done both on the PC and the router itself.

The problems remain.

These issues occur on three different devices, with different DNS servers set, I believe the fault lies with either your or Kazakh Telecoms network hardware.
I did not think that resetting the TCP/IP protocol stack would be worth doing, as all three devices would be very unlikely to suffer from the same problem at the same time.

I used to work for an ISP in Britain, as a Senior Technical Support Agent, so I hope I have told you all the information you need to fix this problem. If there are other tests you want me to carry out, please tell me.

If you have a modem that you want to test in this flat to confirm the fault is not here, I would be happy to help.

Chris Merriman

Once I actually read their reply, I wasn’t exactly over the moon…

Chris,

Reinstall operating system Windows
or restore her(it) with help of the load disk. Probably after attacks virus she conked…
Earlier beside me was such problem, was not opened mail on www.yahoo.com
If you want that I came to you home and has tested on my notebook, I with joy to you will come…

About 10 GB… There is quota In Kazakhtelekom to speed on loading more 10Gb.
You it is necessary to call me 688-907

Krasnikov (name removed)!

I should point out straight away that they said they didn’t speak English (not a problem, it is to be assumed in this country), but I really hoped the letter I’d sent would give them enough information to not get a ‘reinstall Windows’ reply. Anyway, at some point last Saturday something happened that caused the sites to work again. Whether it was something corrected at Bazis, or further on up the line with Megaline (the real ISP) noticing that some of their hardware wasn’t working, I’m not sure. Anyway, sent this reply…

Thanks for your advice.

Reinstalling Windows really is a last ditch ‘fix’ for any computer problem. The fact that these sites did not work on THREE different devices (XP desktop, Vista laptop, Windows Mobile 6 PDA) indicates this would not have done anything to remedy situation. All three devices are confirmed as virus, trojan, spyware, adware and, in general, malware free. I’ve not encountered any viruses in the last 15 years that prevented that sort of range of sites from loading.

Luckily, at some point during Saturday afternoon, something was fixed somewhere, and the sites worked again. Perhaps Megaline had a routing problem or flakey hardware that is now fixed?
Anyway, I’ll wait until the end of the month, when I get my ‘normal’ speeds again (I understand the 10Gb limit, it is laughably small, but I understand it), before retesting to see if BitTorrents still cause catastrophic failures for all internet based traffic.

Thank you for replying,

Chris Merriman

Tags: , , , , , , , , , , , , , , , , , , , , , , , ,

Jul 09 2008

PayPerPost And SocialSpark Down Again?

Category: PersonalChrisM @ 6:00 pm

See the original PayPerPost and SocialSpark Sites Down post back from June 26th for the last time I noticed a problem. It looks as though the server/data centre is down once more. I’ve checked the main sites, the forum and their blogs, but all are failing to bring anything up. Anyone else experiencing the same problems? I’ve checked around on the Google Blog search, and can’t find anyone else posting on this yet, but that could just be because it is only 8.10am over there right now.
Anyway, hopefully they’ll be up again soon…

Tags: ,

Jun 26 2008

PayPerPost and SocialSpark Sites Down

Category: Internet Connections,PersonalChrisM @ 3:48 am

[EDIT 3]
The site is now up, my thanks to Emily for the heads up. Luckily the opp I took last night and posted on was still available. The requested link had only changed by one word, so I didn’t need to change much in the post at all. Anyway, see below for the original version of this post…

I attempted to enter the details for my last sponsored post through Izea’s PayPerPost scheme, to find that the site was not responding. As I have had problems with my internet recently, so the first thing to do was check if a few other sites were working. Google, a few favourite forums and friends’ sites were all working. So, I opened up NetFront on my phone, waited for the Edge connection to be established, and confirmed that the Izea sites were not accessible via KCell’s servers either.
At this point, I thought I’d try and check Izea’s blog to see if they had posted anything about planned downtime/maintenance issues. D’oh! The blog is based on the same servers, so this didn’t help. I did a quick search, and checked the Google cache of the Izea blog. Sadly, this was five days old, and held no helpful news. Eventually, I checked on Google’s Blog Search, and lo and behold, there are unexpected problems right now, posted on the Izea blog. I could only see a three line intro to the post, as the blog itself is still down, but I at least know it isn’t just me.
I hope they fix the problems soon, it is 4am, and I only have an hour or two to enter the post’s details before I lose my reservation on the opp. That and I need sleep soon 🙂

[edit]
OK, so head on over to here for Izea’s post on the situation.
[edit2]
See the comments below for a quick hello Izea’s Karen. As tempting as it may be to throw my toys around, obviously I understand this is effecting more than just me and my $15 opp 🙂

PLEASE do head on over to the Izea blog post I’ve linked to, BUT just in case there is another hiccup with Amazon’s server this time, I’ll include a copy of that post below…

We’re not quite sure what’s happened just yet, but our data center seems to have gone down. We can’t get voice calls into them to ask why either.

We have people travelling there right now (with large sticks) to see what’s going on, but for the time being at least PayPerPost and SocialSpark are both down.

We will of course be working hard with the data center to restore normal service ASAP.

Update 1 17:06: Just found out that the connectivity between the data center and their main Internet carrier has gone down. This is still not good news in so far as the sites are still down, but for us at least it means less work when they fix it. The machines are actually all up and running just fine, they just have absolutely no-one using them.

Update 2 21:36: Well, the data center has not been so helpful so far. It seems the problem was not the carrier at all, but someone or something in the center itself. The ‘engineer’s (see the quote marks there) haven’t had a clue what’s wrong, haven’t offered us any decent updates and generally just suck. However, they are, at long last, making progress and apparently we should see some servers come online shortly. In the meantime, we’ve deployed static elements of izea.com to an Amazon EC2 server and pointed some of our domains at it. We’ll be posting up a message on those sites soon for those visitors that don’t know about the blog. Hopefully we’ll have gone to a lot of effort to do that though and won’t need because our servers will be visible on the Internet once again.

What a crazy nightmare.

Tags: , , , , ,

Oct 28 2007

Google Strike Again

Category: PersonalChrisM @ 6:16 pm

Yep, just over a week after Google dropped this blog’s PageRank from a 4 to a 3, they struck again. Unless the data centres are having some bizarre little jittery dance, and the PR goes back up again, www.ChrisMerriman.com is now back to a PR of just 2 🙁
This was it’s rank back in early April.
So what changed? Well pretty obviously I now make commercial posts on here, which Google have decided is bad. Links that are paid for pollute the internet. Unless you pay (AdWords) Google for them. Then they are OK. Obviously…
In the last 6 and a bit months, I have received a lot more links from other people, and before any know it alls jump into the comments with obvious statements, a lot of these links were from people outside of the PayPerPost et al scene. A couple of PR6 links, a few PR5s, and a lot of PR4s all made me think I may even get to a PageRank of 5 myself this time Google updated their stats. Not this time…
Combined with Google’s AdSense account banning last December, I am not feeling a lot of love for them.

Tags: , ,

Sep 18 2007

Search Engine Results

Category: PersonalChrisM @ 10:49 am

I have just completed a quick check of how this blog is faring when it comes to search engine results, using Google.
www.ChrisMerriman.com is 3rd for the phrase Kazakhstan Blog, an improvement most probably helped by a recent campaign I ran over at PayPerPost. Unfortunately if you search for Astana Blog , this blog is now just 17th, possibly due to the fact that I don’t mention my home town each time it appears in a blog post – long term readers know where I live, but search engine bots (and new readers now that I think about it 🙂 ) may not be able to figure that out. Though it is mentioned at the top of each page ().
Finally, if you happen to search for Astana Kazakhstan Blog (or the more likely search of Astana, Kazakhstan Blog), then this site comes in at 1st place!

Tags: , , , , , , ,

Sep 13 2007

No Sleep – Average Faces And Gigantic Firewalls

Category: Aware Or Conspiracy Nut...,In The Media,Internet ConnectionsChrisM @ 7:13 am

OK it is 6.55am over here, and I am still up, hoping to catch another WorldWide Wednesday opportunity over at PayPerPost, as I managed to last week (see the Argus post). If it does not appear soon, I shall give up and grab some sleep. The official release time for these opps is Wednesday midday until Thursday midday, EST. Here in Astana, Kazakhstan, we are 10 hours ahead of that time (no daylight saving time adjustments over here), so if I’m lucky, I may not miss the releases whilst asleep.
In the mean time, here are a couple of articles I found interesting…

Although I will not need to get a new passport for another 6 years (and therefore, unless a new law is passed, not have to have biometric information added to it with a RID chip (thats a whole other ‘Aware Or Conspiracy Nut‘ post for another day…) facial recognition is already in use at the passport control areas I usually use when flying home. Because of this, I need to remove my glasses (and also not smile, I recently discovered) to ensure that the cameras in the official’s booths can easily measure the distance between my eyes, nose, mouth size etc. and compare it to the passport photo. Although this software aids the fight against the use of false ID, it is not perfect. This BBC article explains how a researcher has discovered that by averaging different photos of a human face into one composite, both computers and humans make less mistakes comparing real life faces to the photo. This should eventually lead to a higher accuracy rate…
Lastly, we have another article, this time on how the Chinese Great Firewall is not so great when under strain. The article goes into some detail about how the Chinese authorities actually manage the flow of information on subjects they would rather their citizens did not have unfettered access to. However, I would really like to hear from anyone who has some first hand knowledge in this area (are you reading this Gavin?), as I was previously under the impression that the so called Great Firewall of China was infact NOT centrally administered or even based, and that the blocking of sites and information was the responsibility of the different ISPs that serve different areas of China. From previous blog posts I have read elsewhere, a resident of one area in China may find they are able to access sites that someone thousands of kilometres away can not. Anyone able to enlighten me?

[sidenote]
I have just noticed this blog is #1 on Google for the term Aware Conspiracy Nut 🙂

Tags: , , , , , , , , , , , , , , ,

Sep 05 2007

Expensive Cat Poo!

Category: Dasha&KittensChrisM @ 5:37 am

I noticed a few hours ago that the guest toilet room has an aroma wafting out. Up on closer inspection, it was indeed time to clean the cat litter tray. No problem, as long as the contents are not too fresh, armed with a little mesh spade, plastic bag and breathing through my mouth, I don’t mind doing my bit to ensure the kittens have a pleasant experience. (We left it too long once, and were rewarded with a very artistic display on our duvet… never again!) Anyway, I cleared away the contents and clumped up litter, laid some fresh litter in the tray, washed my hands and went back to work…
Ooops, in the time I had been away from the keyboard, TWO $50 opportunities had been released and taken over at PayPerPost! (It is 1K Tuesday again.) Given a straight choice though, I would choose our kittens to be able to go to the loo in comfort over $50 any day. (If it had been the $500 opp also due today, I am not so sure I would not have just hoped they could cross their rear legs for another couple of minutes though 🙂 )

Tags: ,

Sep 02 2007

Fresh Content over at the English Advantage Blog

Category: FriendsChrisM @ 3:21 am

As Walton, the author of the English Advantage blog, is now back in Kazakhstan, posts have resumed over there. He created a post on Slang used in American schools that I found useful, so check it, and the rest of the blog, out when you get a moment. If you happen to be based in Astana, you may also find his business very useful if you have an interest in learning English. Even more so, if you wish to visit America one day, to attend university for example. He has also recently joined up with PayPerPost, so can earn a little extra money informing his readers of useful sites and products.

Post NOT sponsored, the linked to blog’s author is a friend, this post was created for free. Unless his giving me ciggies when I run out count? LMAO

Tags: , , , ,

Jul 03 2007

I Won $10 !

Category: PersonalChrisM @ 2:32 am

As I mentioned a week and a half ago, over at the Happy Alexa News post, I recently entered a competition to win some money. When I saw a thread in the PayPerPost forums from the blog’s author, I was interested in the prize money, obviously. Having checked out the blogs that would need to be linked to, if I wished to enter the competition, I was still happy to go ahead, as they seemed to be pretty high quality, and I honestly think some of my readers will find them interesting.
Suffice to say, having won 6th prize (or equal fourth, depending how you look at it), I am really glad I had a go at the competition, and hope the blogs’ author has received a decent amount of link love to recompense their financial outlay.

Tags:

Next Page »