Technology - Page 22

Framed!

This is a story of some of the dark corners of the internet, with a puzzle at the end and a request for advice…

Our story starts a few weeks ago. I had installed Statcounter on the blog postings to keep an eye on who visits my blog and why, with more information than you get from perusing access logs (I have those too). I also like following links back to referrers to see why they’re linking to my site, when I have time. A few weeks ago I noticed what looked like a spam site linking to my blog — you know the type of URL, it’s some nonsensical combination of letters and digits. So I followed it back, only to find that it was a complete frame of my blog. View source showed only that my site was being framed. No other content was being added as ads, as meta content, or anything else that I could see. Nothing that explained why they’re doing this.

So I looked up the whois for the site, discovered it’s hidden by a company called “Domains by Proxy”, which specializes in hiding registration data for web sites. They have lots of information on their site about how they cooperate with law enforcement if people are doing something illegal, which leads me to suspect that unless you can prove someone’s doing something illegal they won’t do anything or even talk to you. Not that I tried talking to them, since simply framing my site isn’t illegal, or even contravening my Creative Commons license. It is, however, highly suspicious.

A little more investigation was in order; the number of hits on my website from this site were increasing and other versions of the URL were showing up. The URL was of the form “aff” followed by “0000” followed by a number, followed by .com (yes, it’s circuitous, but I don’t want my site linked to theirs in search engines, for reasons that will become obvious). I checked out and found that all numbers from 1 to 28 pointed to my site. So someone paid to register 28 domains, host 28 domains, and put in HTML to point to my site? None of the URLs showed up in the common search engines, but somehow they were being clicked on, seemingly by real people (spread of ISPs across the world, different OSes, screen resolutions, and browsers, all staying for approximately zero seconds).

I contemplated putting in some frame busting code but decided to wait a little and see what happened, in case they were just getting ready to do something. In the meantime more of these sites start pointing at mine. And finally one of them showed up in a search engine, and there it points to an adult site. One of those ones that may not be safe at work, at least judging by the front page. In which case the frame busting isn’t the answer anyway, the people visiting this site don’t want to see my musings on technology, motherhood, or knitting, they want the adult content they expect.

Tim had the bright idea at this stage of using a command-line fetch on the “aff” sites and found that the index page returns a list of potential misspellings of the adult site’s name. About 10000 of them. The other sites return similar lists; number 28 only returns about 7000 misspellings. If you search for one of these misspellings in a common search engine, you land on an “aff” page, which then redirects you to the adult site. But only if you come from a search engine. If you type in that site name in the address bar, the redirect sends you to my blog.

So I have a couple of questions, and would appreciate any thoughts or experiences you have.

Why are they not redirecting to the adult site, which is probably what the people who are clicking on an “aff” site probably want? Why send them to another site?
Related question: why me? Why someone who writes about technology, and not someone on some free hosting site who may not even notice the increase in traffic, let alone get suspicious about it?
What do I do about it? I could block people from “aff” site from linking to my site; receiving a “Youâ€™re in timeout.” message (error 403 as seen by Mark Pilgrim) might have some effect. One related question to this is why people are going to an “aff” site anyway; since the “aff” sites redirect people coming from search engines to the actual adult site itself one could suppose nobody would ever click on it. Tim suggested people might be curious; they see the URL in the search engine listings and type it in the address bar to see what’s there.

The adult site itself does have a technical contact in the whois registry but the purveyors of the “aff” sites might not be them. Suggestions welcome… the hits I’m getting have grown from nothing a few weeks ago to now being a substantial part of the direct hits on my site so it’s a problem I want to solve soon.

Pat’s Lightbulb

I have the good fortune to work with Pat Patterson at Sun and one of the things we discussed quite a lot shortly before I went on maternity leave was how to make it easier for people to use Liberty protocols for their identity needs. One of the complaints I’ve heard is that there isn’t enough sample code in the world showing how to use and implement SAML. Given that Sun’s Access Manager does implement SAML, along with various other Liberty Alliance standards, it seemed like it should be possible to put together some sample code that uses Access Manager. And, given that Access Manager is now open source as part of OpenSSO, it made sense to create another open source project. But, this project should use languages other than Java, to give the LAMP (or MARS) developers and implementors some code that they can use, tweak, and further develop. And put back into the project of course <grin>. I came up with a bunch of useless names, and Pat came up with Lightbulb (goes with LAMP). Then as I waddled off into maternity leave, Pat did the programming and came up with a way to implement a SAML 2.0 service provider in pure PHP, without even needing the OpenSSO or Access Manager code.

Pat’s giving a webinar on this tomorrow morning Pacific time; you need to register for it first.

We’re hoping that other people will contribute relevant code, in any language, for people to use when they want to implement or integrate SAML capabilities into their systems, whether they’re blogging systems, wikis, or anything else where identity management is useful. The project is located here; it’s easy to join, add a sub-project, and commit some code. Or just browse and see what’s there and what’s useful. Have fun!

On the Air Again

The moving went relatively painlessly, although I should really have waited until the DNS move had taken effect before killing my DYNDNS account, since that meant the site was out of commission for a little longer than absolutely necessary. Mind you, that was probably all of two hours, so not a big deal. Everything should now work again as before.

The quick version of the steps I took to move Anyway:

copy all the WordPress files and relevant plugin files to the new ISP site
clean up the MySQL database as much as possible to cut down on size; mostly deleting SpamKarma logs and old comment spam
deactivate all the plugins except the spam fighter
export the MySQL database to SQL statements (I use phpmyadmin for this)
import the MySQL database to the MySQL database set up on the new ISP
make sure the config.php file has the right configuration settings
notify the domain registrar of the new DNS settings
delete the relevant part of the dyndns account (that could have been done later)
wait
once host laurenwood.org shows the new DNS has taken effect, run the WordPress upgrade script
turn on the other plugins
run xenu to check for any broken links

My web site does seem faster now, and my web surfing is no longer competing with the spam comments for bandwidth, so I’d say it’s a win all around.

Moving Hosts

Our PC in the basement is getting overloaded with my site (spam attacks are on the increase), so I’m moving Anyway to a hosting service. It will probably take a day or two to get the wrinkles ironed out and the DNS routing hooked up properly; I’ll post again when it’s all set.

CfS: NV2007

Enough acronyms for now — the Call for Speakers for NorthernVoice 2007 is open! Northern Voice is Vancouver’s blogging conference, focussing on personal blogging. This means talks on how to solve some company’s PR problems are not really in scope, though tips on how to run a personal blog when you’re also an executive at a well-known company would be. We’re doing the two-day version again, where MooseCamp is an “unconference” on Friday February 23rd, 2007, and the conference proper is on Saturday February 24th, 2007.

In previous years we’ve held the conference downtown in Vancouver, but we couldn’t get the space we wanted this year. So we’re going out to the UBC main campus, way out west in Vancouver, about as far west as you can go without falling off into the Georgia Strait (note, it’s still in Vancouver proper, south of the Lions Gate bridge). Cyprien managed to get us space in the Forestry Sciences Centre (photos) so we can have all the space we need for talks and the self-organized childcare. I think this will be a fun conference, particularly as I’m not planning on being anywhere else the week before. Last year I was jetlagged, having got back from a trip to Rome the night before, and I still had a good time at the conference.

Other members of the organising committee have blogged it already: Boris, Brian, Darren, and Kris all have their takes on what’s important about this conference.

At the selection meeting I’ll be looking for proposed talks that cover one or more of the groups of people we’ll have in the audience. As a side-note, please don’t just say you can talk about anything. That really doesn’t help us figure out who should talk on what — if you have an idea and we think a variant of it would work better, don’t worry, we won’t be shy in asking you to change focus a bit! I expect we’ll have fewer newcomers to blogging, although we will have some of those; to make up for it I expect we’ll have a certain number of people who feel they’ve already said everything that they can say and want to some tips on keeping up the excitement and interest in what they’re blogging. We’ll have some people who want tips on how to incorporate photos, video, or audio better, and some who still aren’t sure what style sheets are all about. In your speaker submission, tell us who you’re aiming at and what knowledge they need (or don’t); this will help us figure out how to put everything together. This is a fun and educational conference and good speakers are part of that, so please put a bit of time into those submissions to make it easier for us to pick out the good speakers! The deadline is November 28th, and this is a real deadline. Please do use the form and don’t just send us email as we want to make sure we don’t overlook any suggested talks, or lose them in somebody’s over-eager spam filter. Oh, and by the way, let us know of talks you’d like to see, even if you don’t want to give them.

Liberty Deployments

It’s good to see analysts writing sentences like “the Liberty specifications are resonating with major IT user organizations” (quoted in an InfoWorld article entitled E‑government Group forms within Liberty Alliance). It shows that the Liberty specifications (and not just federation) are being implemented and deployed.

Which brings me to the main point of this posting — if you know of Liberty deployments that are worthy of public attention, propose them for the Identity Deployment of the Year awards. Nominations close on Monday, August 21st, and the judges are waiting to see what you can nominate! The winners will be announced on stage at Digital IDWorld. I’m hoping we get to see some deployments that are illustrative of the wide range of problems that Liberty Alliance specifications solve. Paul of course wants a People Service implementation to win; are there any cool ones out there that will sway the other judges as well?