Archive for the 'Luke Welling' Category

OSCON 2008: SNAP - PHP Taint Tool

Wednesday, July 23rd, 2008

Here are the slides for my talk today at OSCON.

Keep the disclaimer at the start at the front of your mind.

This tool is fragile and not ready to be called alpha quality
It is definitely not ready to be useful on large programs
We will release it under an OSI license … soon

SNAP Presentation (PDF)

A Marvellous, Amazing, Exciting Ink Shopping Experience

Thursday, April 24th, 2008

At least I expect that is what HP has prepared for me. Hewlett Packard keep giving me this annoying nag popup window urging me to install a “simple, smart utility” that “uses the Internet to help you find, compare and repurchase genuine HP supplies” for my specific printer.

HP Printer Ink Shopping

At first glance that does not sound very exciting, but look it is 4.9MB. 4.9MB! - It must be some sort of interactive, fully immersive 3D shopping experience that would put the old boo.com to shame. To require a 4.9MB download, plus an internet connection, I bet they have figured out a way to let you be hundreds of kilometres away and yet still sniff the ink and get paper cuts from paper specially selected for “your specific printer”. I’ll bet you can virtually bathe in Vivera ink and feel it squish between your toes.

I can hardly wait to try it, but I think I am going to try putting it off for a few days longer, so that anticipation will help me to truly savour the experience. Besides, I am a bit busy today, and figure I really should wait until I have half a day to properly devote to the delicious, invigorating ink repurchasing extravaganza that awaits me.

Jim Mirkalami Update 2: Small Claims Court $10000

Monday, March 31st, 2008

When I got Jim’s initial threat, I naturally treated it with the seriousness it deserved. After careful consultation with my army of high priced lawyers, I replied:

Thanks for your interest in my blog.

Unfortunately, I get so much fan mail that I cannot respond to all of it personally, but rest assured that I do read and appreciate all of it.

Cheers,

Luke Welling.

I am kind of flattered that he thinks this blog is important enough to waste $75 filing a Small Claims Court Complaint in Ontario.

I am pretty sure emailing me a blurry PDF does not count as serving me with the document, but what I know about Canadian law would fill a very short book. I guess I will need to read up on it one evening. I am still not sure any amount of reading will find a Canadian law matching the complaint “Un-authorized[sic] publication of my personal name (un-konwingly[sic] at first knowingley[sic] and willingly after) cuasing[sic] seriouse[sic] damage to my reputation”.

I do hope he is also suing the schizophrenic, voice hearing brother for the initial unauthorized use of his name. If me using it once is worth $10000 worth of reputation, then the brother plastering it all over the internet must be getting a huge bill.

When I am served properly, I guess I will have to reply. Until then, here is the blurry PDF of the complaint. It looks real enough to me, but I suspect the court might have more luck communicating with me if he included a country in my address.

Jim Mirkalami Update: Legal Threats

Monday, March 31st, 2008

I got email today from somebody claiming to be Jim Mirkalami threatening legal action. I say “claiming to be” because the last person claiming to be Jim, later claimed that they were his brother Bryan or Seyed B. Mirkalami and claimed that Jim “does not know what is going on on the net, he is not an internet savey[sic] type person.”

The original of the Bryan or Seyed B. Mirkalami post may have been taken down by quityourdayjob.com.au, so you might have to look to a cache.

Anyway, here is the email in full. Unless somebody can point me to a law making it an offense to publish a name without authorization I am not going to lose sleep over it. I have looked back and my post on Jim Mirkalami does not seem defamatory.

Subject: Un-authorized publication of my name

Mr. Welling

My name is Jim Mirkalami and it has come to my attention that my name has been published within your website/s and blogs, without my authorization.

I hereby request from you to immediately remove any and all references made to this name and refrain from such publications in the future without my authorization.

Your immediate attention to this matter is greatly appreciated.

I will have no option but to commence legal action in an effort to protect my name, if my request is denied. I will be doing so a week today on Monday
April 7th, 2008.

Thank you
Jim Mirkalami

Well funded web2.0 one day, blurry clip art the next.

Thursday, March 20th, 2008

Here is a postscript to a failed and forgotten Web2.0 venture.

The summary for a story about botnets was decorated with blurry clipart that seemed familiar to me.
From theage.com.au March 21, 2008

Talk about “rooster one day, feather duster the next”. The the logo from officepirates.com is now relegated to blurry clipart status. Although as I said back then, that venture elected to skip over the rooster stage, and take a more “turkey one day, feather duster the next” trajectory.

Sweeping Bad Press Under The Rug Using Junk Blog Comments

Tuesday, February 12th, 2008

I noticed an interesting comment on this blog while deleting comment spam a few days ago.

1. Jim Mirkalami Says:
February 6th, 2008 at 6:25 pm

I have been a frequent visitor of this blog for some time now, so I thought it would be a good idea to leave you with my thanks.

Regards,
Jim Mirkalami

It has that “almost certainly spam but hard to be dead sure” feel to it that a lot of spam comments have. Strangely although it is an optional field, he gives yahoo.com as his website. This seemed even stranger when you note he seems to have his own website (jimmirkalami.com) unless there are two single fathers of two with that name in Ontario.

It seems like a pretty uncommon name, so I google for him. The first few links are news stories alleging questionable ethics in Canadian Auctions for jewelry and Persian rugs. Curiouser and curiouser.

Of course, I am only guessing that it is an uncommon name. It could be the equivalent of Smith in the middle east. It certainly seems fairly popular in among Toronto rug merchants.

Here is my theory.

I’d be upset if the first google result for my (fairly uncommon) name led to a page that started “No charges laid …”.

Knowing a little about SEO and the way google ranks pages, I think you could fairly quickly bury those stories by commenting on a lot of blogs. It would be harder if the story was all over major media. Not many blogs have a pagerank that can compete with CNN or the NYT (pagerank 9), but Google ranks local media about on par with a popular blog. There are no shortage of blogs with a pagerank around 5 or 6. Google only gives canada.com 7.

The comments appear to be somewhat targeted. They seem to appear on blogs (but not always posts) that mention the word ‘auction’ or the word ‘Canada’. There are automated comment spam tools that will find suitable blogs for you, or in a little more time you could do it by hand from any of the blog search engines. A few days later he commented on another post of mine that does contain the word auction (because it is about ebay).

The text of that comment is

Jim Mirkalami Says:
February 8th, 2008 at 3:13 pm

I have been visiting this site a lot lately, so i thought it is a good idea to show my appreciation with a comment.

Thanks,
Jim Mirkalami

PS: I am a single dad! ;)

Other ones you will see around the place are:

Tammy kingston, on February 5th, 2008 at 5:18 pm Said:

Jim Mirkalami, the very globally highly regarded auctioneer, is a peaceful man single father of two beautiful children. He is also a regular reader of this blog. Great job you ppl!

Aslan, on February 7th, 2008 at 10:06 pm Said:

He is a kind and very loving man.

I don’t know who Tammy is. I get no useful search results for “Tammy Mirkalami”, but I am guessing she is from Kingston (which is near Toronto). I am guessing the Aslan above is more likely to be Aslan Mirkalami (owner of rugman.com) than a lion king from Narnia.

Does this variety of reputation management work? Sure does. A few days later, and at least the top 10 pages of search results for his name are all blogs. The negative press is presumably still indexed, but has dropped way down the list where only a dedicated searcher will find it. He many have overplayed his hand though, as the first result at the moment is a blogger calling him a spammer.

So here are some morals to this story.

  • If you are going to have dissatisfied customers, make sure you have few enough that only local media cover the allegations.
  • Commenting furiously on blogs will give you Google results that effectively act as noise
  • Try to tailor the comments to the blogs a little. It would not take much more time, and would make the effort invisible.

Oh, and surely you already knew that whenever you buy anything (including rugs and jewelery) valuations from the seller are worth only slightly more than the paper your blog is written on.

New Wordpress Version (With Security Fix)

Tuesday, February 5th, 2008

If you have a WordPress blog it would be worth your time to install this update to 2.3.3, or at least replace xmlrpc.php.

This is being actively exploited. It would also be worth checking your old blog posts for subtly inserted links in the article text. You might find words that were in the original article now link to spam parking pages.

You Used PHP to Write That?! - Uh yeah.

Monday, February 4th, 2008

I have gotten pretty good at staying out of language flame wars recently. Usually, when some wide eyed neophyte wipes a trickle of Kool-Aid from their chin and says “Ruby is sooooo much better than PHP”, I just say “uhuh”. I can’t be bothered opening a can of Terry Chay on them and I don’t really see the point. I can’t even usually be bothered saying “uhuh, that is why Twitter is the only A-list Web2.0 site built with Ruby and it is down all the time.”

Every now and again though, I just can’t help taking the bait.

You used PHP to write WHAT?! by Kenneth Hess on CIO.com grates. PHP programmers in general are pragmatic. It is not generally a language chosen by purists and zealots who latch onto one tool and claim it to be perfect in every way, and appropriate for every task. There are plenty of people with deep PHP knowledge who could have written an insightful article fitting into the CIO series’ theme that no one language is right for all applications.

Pap annoys me more when it appears in something claiming to be mainstream media than when it appears in some loser’s blog. Traditional media, while possibly doomed, does employ editors and generally attempts to check facts.

Well, sometimes they check facts. Ignoring the subjective parts that are merely the authors opinion, this article has so many simple factual inaccuracies that it is laughable. I assume the author does not have a great deal of experience with PHP.

Given he claims you can port an application from one database to another with minimal effort by running find and replace to swap mysql_query() with mssql_query() it seems likely that he has never written a non-trivial application in any language. So his major claim that PHP does not scale is presumably based on conversations he had with the fairies that live at the bottom of his garden.

Maybe it is just that Java fanboys push my buttons more than Ruby fanboys. Maybe it is just that damning with faint praise is more annoying than overt attacks. Barack Obama is “articulate“. Australia is “lovely” and reminds Bill Bryson of Iowa in 1958. PHP is good for “Creating an intranet site”. Come on!

Actually, it is might not not even be the factual inaccuracies and unsupported assertions that irritated me most. When I hear “enterprise” used as an adjective and not a punchline I involuntarily clench and it is there five times on one page.

Postscript: A couple of days later, Terry Chay could not resist opening a can of Terry Chay on them.

On Open Source: PHP Video Podcast

Saturday, October 20th, 2007

At OSCON this year Laura and I recorded a video podcast for Informit. This is part of Informit’s podcast series On Open Source.

Maybe I should have waited until I have had time to watch all of it and see if I want to encourage people to watch it, but here is in two parts anyway.
Part 1 and Part 2

We talk about books, Laura travails against frameworks, I talk about security, we talk about how we got into PHP, and I probably compare Java to something unpleasant.

Hello world!

Monday, January 30th, 2006

It has reached the point where nearly everybody I knew has a blog. Some of the people I know even have pets with blogs, but that is what happens when you associate with nerds.

Of course 86% of the bloggers I know long ago got bored with updating their blogs, and left them lying around gathering dust.

Here then, is my blog. It too, stands about a 5/6th chance of getting abandoned.