Recovering the system on the Acer Aspire One

My Linpus-based Acer Aspire One worked well for about three days, until I allowed Live Update to update the system. After the update, the Network Manager disappeared, along with all wireless AND wired networking capabilities and the ability to recognize USB drives.

The recovery DVD instructions explain that if you don't have a USB DVD drive, you can create a recovery drive from a USB memory stick. However it has to have a usable capacity of 1GB or greater. My only USB stick is just 1GB which I of course tried, but found that the end result was not bootable. Although it was late Sunday night, I found a 2GB drive at the local Walgreens for $19.00, which helped immensely with the feelings of frustration.

The recovery CD booted up just fine on an Intel iMac (insert the DVD, restart the iMac, and hold down the "C" key until the DVD boots), and it recognized the USB memory stick. It takes about 6 or 7 minutes to create the recovery image, but it booted up perfectly and restored the Linpus system without any problems. My networking is back, and I'm going to be very careful about allowing updates from now on. And, I'll keep the USB stick handy, just in case.

dotProject Recipe: speeding up DotProject

I run a dotproject site on a hosted server. Once more than a few people began using the site at once, we found that peformance was dropping enough to warrant looking into optimization possibilities. So far, it seems that there are two main steps to take: turn on caching, and add indexes to several tables in the database.

1. Turn on caching in gacl.class.php

In the file gacl.class.php, change the following settings to TRUE and FALSE as shown:

	/** @var boolean Caches queries if true */

	var $_caching = TRUE;


	/** @var boolean Force cache to expire */

	var $_force_cache_expire = FALSE;

2. Add indexes to tables

Per a post on the dotproject forums, Re: Speed of dotproject is slow... by
shekh_juneja
I added indexes as shown to the following tables:

ALTER TABLE history
ADD UNIQUE `history_id` (`history_id`),
ADD INDEX `history_date` (`history_item`, `history_table`, `history_date`);

ALTER TABLE projects

ADD INDEX `project_id` (`project_id`, `project_company`, `project_name`),

ADD INDEX `project_percent_complete` (`project_id`, `project_name`, `project_color_identifier`),

ADD INDEX `project_id_company` (`project_company`, `project_id`),

ADD INDEX `project_id_task_search` (`project_id`, `project_company`, `project_name`, `project_color_identifier`);



ALTER TABLE `user_tasks`

ADD INDEX `user_id` (`user_id`, `perc_assignment`),

ADD INDEX `perc_assignment` (`perc_assignment`),

ADD INDEX `task_id` (`task_id`);

ALTER TABLE users

ADD INDEX `user_id` (`user_id`, `user_contact`, `user_username`);

__________________

After making these changes, the speed was tremendously improved.

LiveUpdate breaks WiFi on Acer AspireOne

A few days ago, I allowed a LiveUpdate on my new Aspire One. After the update, wifi stopped working. In addition the removable drives (smart cards or keydrives) are no longer recognized. Apparently this is a widespread issue, and not just on the Linux version.

A few moments after it finishes booting, the error "Failed to Initialize HAL" is displayed, and a search produced this thread:

Re: Live update on 18/9/08

I tried all the suggestions on this and other similar threads, and have pretty much determined that some key files must be missing. Next thing to try will be to restore from the install disks and start over.

Enable the advanced menu on the Acer Aspire One

The Acer Aspire ships with Linpus Linux configured to be extremely simple to use. It is likely that you will soon find the simplistic interface too restrictive. To get to the functions you can't see, you must enable the "Advanced Menu."

Go to "My Files". Select from the window menu File>Terminal.

In the terminal type:

xfce-setting-show


This brings up the Xfce Settings window. Click the "Desktop" icon, and the Desktop Preferences window will appear. Click the Behavior tab, and select "Show desktop menu on right click. Close the window. (Note: If you cannot see the "Close" button on the bottom right, you can just click the red X in the upper right. Many Acer windows are a little too big for the screen. )

This enables the right-click advanced menu. When in the Home window, right click on one of the empty spaces, and you'll see the new menu.

Thanks very much to the many users of the AspireOneUser Forums for this tip.

Java 1.6 and LiveConnect

If you are having problems with applications which use liveconnect, you may find it helpful to know that there are some issues with certain updates of Java 1.6 and Liveconnect. I've found that sometimes installing early access update 10 fixes the problems. This issue came up because our Docent 6.5 LMS uses Java as the SCORM API adaptor and the learning modules stopped connecting to the LMS in some cases because of this problem.

Early access update 10 is available here

Scroll to the very bottom of the page to the "Download" section and download either the online or offline installer.

A discussion on Java 1.6 and LiveConnect is here

Cleaning up and Preventing HTTP Injection Attacks

I recently had the (undesired) opportunity to learn about HTTP and SQL injection attacks. It took a great deal of effort to diagnose and clean up, but hopefully what I learned from the experience may help you prevent these attacks on your own site or clean up after such an attack.

I first found out my site had been compromised because one of the subdomains started displaying "403" errors (permission denied) and one of the users notified me that the site could no longer be reached. At this time, the rest of the site seemed fine, so I had not noticed anything was wrong with it myself.

On examining the subdomain files, it turned out that the .htaccess file had some new directives written into it, which had the effect of blocking all access to the site. When I further examined the file, it appeared that the actual intent had been to redirect only the users that arrived at the site through a search engine, while allowing direct visitors to see the site as usual.

The redirected users would be sent to a malicious php page hidden elsewhere on my site. Fortunately, the new directives in the .htaccess file were not correctly written, so the net effect was to block the site completely. If it had been correct done, it would have taken much longer for me to notice the hack, because I don't go through a search engine to look at my own sites. So now I check my site every so often by searching for one of the articles on Google, and clicking through.

The vulnerability that allowed this hack was probably an obsolete version of Movable Type, which I had not kept up to date.

Using this port of entry, they were able to write to the .htaccess files, add the malicious files to obscure directories elsewhere on the site, and write javascripts to miscellaneous existing files.

According to one site "the first step in such an attack is to insert an MD5 checksum which alerts the bot controllers that the pages are vulnerable to attack, which then occurs at a later stage. " In my experience the checksums and directives show up at the same or very near the same time in the .htaccess files.

An example of an MD5 checksum from the corrupt .htaccess file:

# a0b4df006e02184c60dbf503e71c87ad 

After the checksum there are URL rewrite conditions which are followed only if the browser arrives from a search engine.

RewriteEngine On 

RewriteCond %{HTTP_REFERER} ^http://([a-z0-9_\-]+\.)*(google|msn|yahoo|live|ask|dogpile|mywebsearch|yandex|rambler|aport|mail|gogo|poisk|alltheweb|fireball|freenet|abacho|wanadoo|free|club-internet|aliceadsl|alice|skynet|terra|ya|orange|clix|terravista|gratis-ting|suomi24)\. [NC] 

RewriteCond %{HTTP_REFERER} [?&](q|query|qs|searchfor|search_for|w|p|r|key|keywords|search_string|search_word|buscar|text|words|su|qt|rdata)\= 

Next came the actual redirection directive:

RewriteRule ^.*$ /path-to-theinsertedfile/axorak/ex3/t.htm [L] 

Step 1 was to clean up all the bad code from the .htaccess files. The directives were somewhat hidden from view by having hundreds of spaces inserted at the beginning of each line, so you could not see them in a code editor unless "word wrap" was turned on.

Movable Type has permissions to write static files to the server, so I'm guessing they used SQL injection or http injection to somehow take advantage of that feature to write to the .htaccess files. So the first order of business to fix this mess, after deleting all the spurious directives from the .htaccess files, was to install the very latest version of Movable Type.

Step 2 was to download a copy of the entire site and do text searches for suspicious items and clean them all out. My webhost's support team did some a lot of cleanup using phpshell, but even they missed some of the hidden files that I managed to find this way.

Some search terms to use:
"yandex|rambler|aport|"
"e0fa4c4356551c94"
"document.getElementById('hr').click()"

The malicious javascripts were either inserted into existing files, or in newly added HTML files which were buried deep within many nested folders. It is crucial to find every single one.

Step 3. I added my own directives to the .htaccess files per the suggestion of this page and other similar ones:
7 tips to optimize Joomla! security and prevent getting hacked

Step 4: I went through my entire site and removed or moved out of web accessible folders anything that didn't absolutely have to be there, including old backups, draft versions of scripts, test versions, etc.

Since then, things have settled down, although on checking logs I've noticed plenty of attempts to hack the site. If you notice entries that include something like:

"GET /pathto/somefile.php?p=-1+UNION+SELECT+426001,426002,426003,426004,426005,426006/* 

then your site is being scanned for a possible sql injection attack, often to attempt to retrieve administrator passwords or bypass them entirely.

Another site recommends modifying the php.ini (and Apache httpd.conf file if applicable) to set allow_url_fopen to off. (The default is on).

Update
Xandroid on Slashdot makes this suggestion to set up an automatic check for .htaccess hacks:

Something you may consider: make a backup of a known-good .htaccess, and set up a cronjob to `diff --brief` the two frequently and email you if they're not the same. I've done this with a list of all the PHP files in my account on a shared server:

7 */4 * * * cd $HOME; find . -name *.php >tmp.phpfiles.txt; if [[ -n "$(diff --brief tmp.phpfiles.txt phpfiles.txt)" ]]; then diff tmp.phpfiles.txt phpfiles.txt | mail -s "new PHP files" YOUR@EMAIL.ADDRESS; fi; rm tmp.phpfiles.txt

Pot-bellied Piglets

This pot-bellied piglet is about 10 days old, and lives at Domino's petting farm. We were told that these pigs are mostly used as pets, are very smart, and keep their enclosure clean. There are about 20 of these little critters running around in the pen, and they all sleep together in a long line.

Extra! Extra! This Piglet featured on Cute Overload!

... and here are a couple of his many siblings!

Autism - anecdotal evidence and possible link to gastrointestinal infection

Research on the causes of autism is still at the stage where many etiologies seem possible. Althought a genetic link is likely, it may play a role of predisposition to another factor rather than being the only necessary and sufficient cause of autism.

One such connection being explored is the role of gastrointestinal infections in promoting autistic type behaviors.

This blog entry written by an occupational therapist refers to improvement in a young patient's autistic type behaviors after she was treated for a Clostridium Bacteria infection.

The most recent blood tests found raging internal infections in little Miss S! Infection so out of control that the levels have to be brought down through dietary supplements before they can medicate her, so that she doesn't go into a coma! Her infection is in the Clostridium family- from the makers of the hospital-dreaded C.Diff. New doctor sez that there are studies that connect clostridium infections with autistic symptoms in previously healthy rats. I found this abstract (but, since I am no longer a student, I no longer have awesome online library access, and cannot access the whole article). Anyway, this guy is saying that a chronic C. tetani infection (also causes tetanus) is linked to an increase in stereotypical autistic behaviors. The doctor told mom that curing this infection won't 'take away the autsim' but could reduce some of her behaviors and improve some of her skills. I had never even heard of this, but will be anxious to see the results. Miss S's diet changes have had incredible effects on her behavior, and though the RD at the hospital tells me that while there's no evidence to support these diets, the anecdotes are highly supportive.

The theory that gut infections with Clostridia play some sort of role, particularly in late-onset autism is explored in articles like this one (Med Hypotheses. 2008;70(3):508-11.):

Therapy and epidemiology of autism--clostridial spores as key elements."

... intestinal bacteria, specifically clostridia, may play a role in certain cases of autism and hypothesizes that the clostridial spores (which are notably resistant to antimicrobial agents and commonly used germicides) are involved in: (1) relapse in the autistic subject after a response to an agent such as oral vancomycin, after the drug is discontinued, (2) the unexplained increased incidence of autism in recent years, and (3) the unexplained increase in numbers of multiple cases in the same family...

However another article (Acta Paediatr. 2007 Jul;96(7):1076-9.) found no indications of active intestinal inflammation in 22 out of 24 autistic children they studied:

...One child who previously had a severe Clostridium difficile infection displayed raised levels of both these inflammatory markers and one child with extreme constipation for whom only calprotectin was possible to measure had raised levels. The remaining children displayed results that did not indicate an active inflammatory status in the intestine when the two inflammatory markers were combined. ...

No evidence for a clear link between active intestinal inflammation and autism based on analyses of faecal calprotectin and rectal nitric oxide.

Several articles mention the benefit of therapy with the antibiotic Vancomycin in late-onset autism:
Short-term benefit from oral vancomycin treatment of regressive-onset autism." (J Child Neurol. 2000 Jul;15(7):429-35.)

"...a subset of children appears to develop normally until a clear deterioration is observed. Many parents of children with "regressive"-onset autism have noted antecedent antibiotic exposure followed by chronic diarrhea. We speculated that, in a subgroup of children, disruption of indigenous gut flora might promote colonization by one or more neurotoxin-producing bacteria, contributing, at least in part, to their autistic symptomatology...."

"...Entry criteria included antecedent broad-spectrum antimicrobial exposure followed by chronic persistent diarrhea, deterioration of previously acquired skills, and then autistic features. Short-term improvement was noted using multiple pre- and post-therapy evaluations ..."

For more articles on this topic, see late-onset autism and clostridia