Archive for Computers & WWW

Anti-Spam Effectiveness

What website are you looking at? Sounds a simple enough question right? Well for a human maybe but perhaps not for a CAPTCHA reading online bot. A problem that’s plagued bloggers and forum administrators for years is how to stay ahead of the comment/post spam that invariably results from putting one of these sites online.

The solution until about a year ago has been to go for a centralised solution like Akismet or make your CAPTCHA ever increasingly harder to read and thus harder to crack. Unfortunately the latter has simply increased the number of frustrated users resorting to e-mail to ask for access or giving up altogether. Akismet has stayed ahead of the curve and for one-off comments on blogs and other types of media has proved invaluable. For forums however there isn’t really a reliable connection between most forum systems and Akismet and administrators have been left wondering what to replace their ageing, difficult to read and fundamentally ineffective CAPTCHAs with.

Welcome the Q&A. While this concept has been around for a while, Q&A really comes into it’s own when you factor in randomisation. If a particular style of CAPTCHA is in use by many sites then it’s well worth a spammer trying to crack it as they reap large rewards. Custom solutions on the other hand have the advantage that unless you run a huge site like BBC News, they’re not going to be worth cracking as there are easier rewards to be reaped elsewhere. While you could use a custom CAPTCHA this requires some effort and you’ll probably end up re-using someone else’s code which defeats the uniqueness objective. This is when we resort to the simple question, unique to every website. Where am I? Who is my admin?

Having implemented such unique questions to all of my forums recently I can report a resounding success. No automated registrations leaving just the handful of spamming manual ones which are easy to weed out of an early morning. The big bonus here is legit users find it a doddle to register as they either know by heart or can easily look up the answer. I also now have the slightly tangential advantage that if I were to start getting automated registrations again then my sites may well have become as popular as BBC News which would certainly bring a smile to the face.

Comments off    

Push e-mail on an iPhone or iPad

When you search google for a similar phrase to the title of this post you usually get a fairly stock response; use exchange, mobile me or gmail and you can have push e-mail by simply activating it in the mail settings. The thing is, most people who search for the above know this already. What they really want to know is how they can push e-mail with a conventional e-mail account that they may have from a hosting provider and access through thunderbird or outlook.

With BlackBerry, push e-mail is really simple. Just provide the setup screen with your IMAP enabled e-mail address and password and BlackBerry will start pushing e-mail to your phone. With iPhone and iPad it can also be that simple without changing your mail provider or e-mail address but to get there we need a step in between. I call this the fake exchange server.

A little known sourceforge project called z-push holds all the answers. Essentially by installing this PHP code on a web server and setting up a config file or two we can fool an iPhone or iPad into thinking it is talking to a Microsoft exchange server and get genuine push e-mail from a standard IMAP e-mail account!

To get started you’ll need the following:

  • A web server
  • Copy of Z-Push code
  • The details of your IMAP e-mail server

Don’t look with concern at the first requirement. You can probably make use of a shared hosting account for this, or if you were prepared to go out and spend on mobile me then you will probably be able to spend less and get your own VPS, which, if you intend to push a lot of mail, might be a better bet in the long run anyway.

Configure your web server to support SSL and install PHP. I won’t go into detail on how to do this as there are plenty of online tutorials for this already that you can google. The SSL bit is important as this will ensure that e-mail traffic from your iPhone or iPad is encrypted which is essential if you have a habit of using open WiFi connections while on the move. If you’re doing things on the cheap and using a home server then make sure you have a static IP at home. You can get a free SSL certificate from the fine folks at StartSSL.

Once your server is up, follow the instructions for installing z-push from their website. In practice I found that the stable version was far from it and didn’t really work so opted for the 2.0 alpha version. Try your luck and see what you get. There is a forum on the z-push site from where you should be able to obtain help if you need it.

With z-push installed and configured as per your IMAP e-mail server settings, you’re ready to try your luck from your Apple device. Head on over to e-mail accounts and delete the current entry you have. Once you have done this, select to configure a new account and choose Microsoft Exchange. Enter your e-mail address, username and password. Leave the domain blank and SSL on. Often your username and e-mail address are one and the same although this can vary. It’s unlikely that just these details will connect as you’re pushing mail from your dummy server, so you’ll be prompted after a few seconds for a server URL. Enter the domain name on which you have installed z-push.

Assuming all of this is accepted by your Apple device, you now just need to go to the fetch new data settings, enable push and and change fetch to manually. Open up mail and if all is working you should see your e-mail in folders. If so your final test will be to return to the home screen, send an e-mail to yourself from your PC and watch the iPhone/iPad. You should see the e-mail arrive within seconds. If so, you’re pushing mail!

At the close of this article I’d like to mention that my ability to investigate this scenario and write up the solution is due in no small part to the generosity of Stinky Ink in them putting up an iPad2 as a prize in their WordCamp UK competition, many thanks once again!

Comments off    

Foursquare Auto-Checkin

Having been a recently new joiner to the foursquare phenomenon I’ve quickly decided that I like it and that it’s leaps and bounds ahead of Facebook places. That being said, it’s not without issue. The main one being that there are places I regularly frequent that I want to check into, but don’t wish to publish on twitter. “You can do that!” I hear you cry, well yes, you can, but you still have to get your phone out of your pocket.

To me, getting one’s phone out of one’s pocket should be to actually say something, such as “I’m at somewhere new” or “I’m at somewhere I normally visit but I’m here for longer this time, come and join me”. If I’m just heading to the office or going home, I want to log that onto the statistics but not shout about it. While there is of course an option on the mobile app to do this, I have to specifically choose that option. In reality, what I really want to do is only to touch my phone if I have something to say, otherwise let foursquare do the work for me.

Enter the API! I have long been a user of google latitude. This little known service allows me, via a private API key, to retrieve the latitude and longitude coordinates of my phone wherever it is. I used this feature to track my road trip progress and it worked very well. To this end, knowing that foursquare is primarily powered by coordinates and I always have access to mine, I decided to stick my coders hat on and program my way to lazy foursuare use.

Registering for a foursquare API key is easy and it arrives straight away. Getting an OAuth token using the key was also just as easy and within a minute or so I was able to call out instructions to foursquare from my server, pretending to be me. It didn’t take me long to close the loop so that to all intents and purposes my server is me as it knows where I am.

Although it’s a little rough around the edges, I now have an application running that has a pre-set list of locations that it is allowed to check me into and when my coordinates say that I am there, it calls out to foursquare and does so.

While this is far from ready for release, I do hope to do so in not too distant future, perhaps in time for WordCamp. In the meantime I’m going to sit back and enjoy ousting my colleagues as mayor of the office, just by pulling into the car park. After all, isn’t that what this whole foursquare thing is all about?

Comments off    

Home VPN

I’ve written an article over on RouterTech about how to setup your own home VPN server. It’s something I’ve mentioned to a few people lately that I use so I figured it was time to share exactly how it’s done. Questions and comments are of course always welcome over on the RouterTech forums.

Comments off    

Spam Insight

I read a brief but interesting article on the Akismet blog today offering an insight into the current state of web based spam.

While Akismet isn’t a blocking service I personally feel that the large IP ranges identified by the article as solely in use by spammers could do with being blocked.

Comments off    

Comments on DRM

The original published date on this article, “The Day the Music Died“, is a little old but I think many of the points are still relevant to a lot of the online music services out there today. Certainly food for thought if you own an iPod or other similar device that allows you to pay for and download music that is restricted with DRM.

Comments off    

WordPress Geek

I found this amusing list of things that might make you a WordPress geek. I found myself falling into a number of the categories listed so I think it’s a strong possibility that I am in fact a WordPress geek. How do you fare against this list?

Comments off    

WordCamp

WordCamp UK is being held in Cardiff this year and on account of the fact I live relatively close by now and have always meant to go but never got around to, I’ve signed myself up. For those of you that don’t know, WordCamp is an informal gathering of bloggers and developers who use WordPress. There is an opportunity to attend talks, discuss projects and of course socialise with other technically minded individuals.

The scheduled talks look like they could prove very interesting and there is already a large group of people signed up, some of whom I have already exchanged words with over the internet on various occasions so it will be great to meet them in person. Matt Mullenweg is also attending and having the opportunity to thank him in person for creating WordPress will be really cool.

Comments (1)    

Facebook Username

Last night facebook launched a username option which allows visitors to the site to go straight to a profile by putting the username in the URL. I of course made sure I snagged my username as soon as the system went live, so you can now access my facebook profile (if I have granted you access to it of course), on the following URL

www.facebook.com/kieranoshea

Sadly I wasn’t able to snag “kieran” for a username as it had already been taken – Kieran Cloonan I’m looking at you – grrr! I could have had “oshea” but having that as a username seemed to bring back distant memories of being called by my surname at school so I decided against it. The username “oshea” has in fact now been taken so Ben O’Shea, I wish you the best of luck with it.

All in all I think this is a good move by facebook. While some might criticise it and say it’s just another step towards becoming MySpace, I see it as more of a step towards the modern web. PHP files and arguments in the URL are so last century. Pretty permalinks and restful behaviour are what it is all about these days. While I can’t see facebook truly implementing a restful URL structure they have certainly made an important forward step with usernames.

Comments off    

Problem with lftp solved

I thought I’d share this little solution with people as its been bugging me for ages. My command line ftp client of choice, lftp, recently started not connecting. I couldn’t find a suitable solution until I noticed that the AUTH command was being used when I normally don’t make use of that for ordinary ftp sessions.

I added the following line to my lftp.conf file:

set ftp:ssl-allow false

This fixed the issue of failing to connect and everything is now working as it should. Hope this helps someone who is in a similar fix.

Comments (2)    

Next entries » | « Previous entries