Free Website Security Certificates (a/k/a Free SSL Certificates)

If you have a website, you almost certainly need to secure it. Even for a simple WordPress blog like this one, security is a real problem; sites get hacked all the time, and even a site like this one can draw hundreds or thousands of hack attempts per day. Sometimes, it’s because hackers discover a new vulnerability. Usually, it’s an old one that just hasn’t been patched yet. But there’s more: hackers can steal your login info and take over your site just by monitoring your traffic over a wireless network, like in a typical coffee shop or airport.

The solution for this is to get a security certificate (commonly, but no longer correctly, known as an SSL certificate). Typically, these cost $100/year or more, depending on what you need. But there’s good news.

The free option for today is StartSSL.com, which will give you a very basic certificate for free. It still requires some technical know-how, but not much; whoever handles your website maintenance now should be able to handle it pretty easily.

It’s about to get a lot easier. In mid-2015, Let’s Encrypt is launching. Let’s Encrypt is a project of the Internet Security Research Group, which consists of some real heavy-hitters in the tech world: Mozilla, Akamai, Cisco, the EFF, and IdenTrust. It will allow you do secure a website with, basically, one click. For free.

So, cost is no longer a barrier to securing your website. Go do it!

Fix Quicken 2014 Copy and Paste with AutoHotKey

For no apparent reason, Intuit broke the copy and paste functions in Quicken 2014, such that you can no longer copy text from a transaction or paste into a transaction field. If you use AutoHotKey, there’s an easy fix. Just add the following to a .ahk script:

#IfWinActive Quicken

; Quicken 2014 no longer allows pasting of
; text in most contexts, so fix that
^v::
^+v::
SendInput {Raw}%clipboard%
return

^c::
ControlGetFocus, ctrl
if (RegExMatch(ctrl, "QREdit\d+")) {
ControlGet, clipboard, Selected,, %ctrl%
}
return

; This must be at the end of this section
#IfWinActive

Handy Software – WinDirStat

This is a PSA for those who have way too much junk on their hard drives.

Background

For several months, McAfee has been taking ever longer to run virus scans on my hard drive, getting to the point that it sometimes took a couple of days. When I investigated, it reported that it was scanning almost 1.1 million files — far more than I realized that I had. In fact, I couldn’t even figure out where that many files had come from. For example, I knew that I have several large collections of sample data from programming efforts over the years, but these totaled at most maybe 100,000 files, not hundreds of thousands.  So, at first, I was just left wondering which program had secretly cluttered up my drive with random junk, but without any good options for resolving the problem.

WinDirStat to the Rescue

I found the problem areas by downloading and installing WinDirStat, an open source application for scanning a hard drive and determining which files and folders take up the most space, as well as which file types do so.

Screenshot of WinDirStat
A screenshot of WinDirStat (from the official site)

WinDirStat took about 20 minutes to analyze my hard drive on the first run, but the results were tremendously helpful. I was able to see at a glance that I had two enormous folders buried on my system about which I had totally forgotten. One contained a complete backup of Sarah’s hard drive from, I think, 2007 — it had even been migrated in at least one laptop replacement, if not two. The other folder contained hundreds of thousands of files from an old backup of my own files, which I didn’t even know was on my system. Many of those were related to software development, meaning they got extra processing time from the virus scanner. The upshot: two folders alone accounted for more than 450,000 files and more than 100 GB. Unsurprisingly, getting rid of this junk sped up those virus scans tremendously, at least four-fold based on the first post-cleanup scan.

Summary and Non-Windows Options

If you are looking for a good way to clean up your hard drive, WinDirStat is a handy tool to have. Check it out at the official site or the project blog.

WinDirStat Logo
The official WinDirStat logo (variant 06 shown here) is pretty nifty, right?

WinDirStat is Windows-only, but there are good options for other systems. Although I don’t have personal experience with them, similar alternatives for other operating systems include:

P.S. Sarah glanced over at my computer from a good distance while I was writing this post and thought that I was writing that I had 1,000,000 flies in my hard drive. Fortunately, no. If that happens to be a problem that you do have, I am afraid I can’t help you.

P.P.S. This post had the unintentional effect of illuminating serious shortcomings in my WordPress theme; the way images with captions are displayed is terrible.  I think it’s a question of new versions of WordPress coming out more often than I post, on average, so the theme has languished for quite a while and quite a few versions.  Time to give it another face lift, I suppose.

Six Hundred

I just realized that my most recent post (GTD: Your 6 Most Important Things) was my six hundredth post on here.

This site has come a long way since I started working on it in vi and Netscape on a Unix workstation. It has been edited in — and arguably abused by — vi, Netscape Communicator, multiple versions of FrontPage, multiple versions of Dreamweaver, and countless other tools. I am pretty happy with the way it runs now (almost entirely driven by WordPress, with some portions hand-coded in Notepad++).

Mostly, I’m happy it’s still ticking along, despite a few long slowdowns, and still has some readers. Thank you for reading!

WRECK (WordPress Regular Expression Comment Killer)

In my ongoing battle against comment spam, I have finally decided to write myself a WordPress plugin as an additional layer of defense. It’s called WRECK (WordPress Regular Expression Comment Killer).

WRECK (WordPress Regular Expression Comment Killer) is an extremely simple plugin for marking comments as spam if they match certain regular expressions.

DOWNLOAD: wreck.zip
Current Version: 1.0
Release Date: 7/6/2008

INSTALLATION: Just download and copy wreck.php to your plugins folder (wordpress/wp-content/plugins), then activate it in the plugins section of your WordPress blog.

LICENSE: This plugin is open-source (GNU General Public License), but I would appreciate it if you let me know of any modifications you find helpful.

SUPPORT: No formal support is provided, but I will take a look at any requests/suggestions/complaints you send me through my contact form.

NOTES:This plugin is very simple to use, but BE CAREFUL! It uses regular expressions to filter comments, so a badly written regular expression may block legitimate comments.

By default, only one type of comment is blocked: a comment containing only two lines, the first of which is bolded, with an elipsis (“…”) on each line. The author gets a lot of comment spam like this, which is the reason he wrote this plugin.

If you find this plugin useful, please let me know here. Please also let me know if you discover any useful rules or make any other modifications.

Enjoy!

An Obstacle to Going Microsoft-free

I recently found a major obstacle to going Microsoft-free. I could switch to Linux, if I had the time to fool with it, at the moment, but it appears I am stuck with Microsoft Word, still. While I really like OpenOffice.org 2.0 (OOo), it doesn’t have native support for creating tables of authorities (a.k.a., tables of citations). That feature is only really of interest to attorneys, but, of course, that is what I am training to be. Once I realized this, I also realized that OOo doesn’t support tables of contents, when reading a .doc file.

Of course, I still haven’t found anything that really replaces Outlook, either, since I use more than just the messaging features (in fact, I use the calendar, notes, contacts, and more, quite heavily) and must be able to sync all this info with a handheld.

Unfortunately, as frustrating as I find MS products, I think I’m stuck with Office, at least, until OOo or some alternative catches up and integrates much better support for other major file formats like .doc.

FOSS OTD: 10/25-10/28

Caching up, again, on the FOSS OTD:

  • 10/25: GNU Privacy Guard – GnuPG.org. GPG is a free version of PGP, or Pretty Good Privacy, a suite of strong encryption tools. While GPG doesn’t have all of the same features, it does allow you to encrypt files or e-mails with extremely strong encryption.
  • 10/26: WINE (“WINE Is Not an Emulator”) lets you run Windows applications under Linux and Unix. Very cool.
  • 10/27: Cooperative Linux lets you run Linux on Microsoft Windows, much like commercial systems like VMWare. This actually works pretty well.
  • 10/28: phpBB is a free and open source bulletin board (discussion group) package. It’s fast, reliable, and absolutely free. In fact, I’m thinking of installing it on here.

Obviously, it looks like I bit off more than I can chew with this FOSS OTD idea. I barely even have time to think about a blog, much less think of something to put on it, most weekdays. So, I’ll probably post items as they strike me, not necessarily on a daily basis.

FOSS OTD: The Regex Coach

Today’s FOSS OTD is oriented towards programmers who need a good way to test regular expressions. Check out The Regex Coach – interactive regular expressions. It updates in real time, as you edit a regex or its target text. Very, very cool. Not actually open source, but still very cool.

FOSS OTD: 10/19-10/23

Okay, so I got behind on the FOSS OTD postings. Catching up:

  • 10/19: PHP is a wonderful, fast, and flexible OSS scripting language for web programming and stand-alone applications.
  • 10/20: FileZilla is a free FTP client. There is also a great FileZilla Server application.
  • 10/21: PuTTY is a free telnet/SSH client. Very dependable and flexible.
  • 10/22: Notepad++ is a free Windows Notepad replacement, which allows for tabbed editing, source formatting, and more.
  • 10/23: MySQL 5.0 just reached production status – this is the world’s best database system. Check it out!

FOSS OTD: AstroGrep

Defined as a “Windows GUI grep utility,” AstroGrep is a search tool, similar to the “grep” tool in Linux, but with a Graphical User Interface (GUI, i.e. a window, not a command line). It’s faster and more reliable, in my experience, than the built-in Windows file search features. It can show search results in context within a file. Best of all, it lets you use Perl-compatible regular expressions. If you don’t know what a regular expression is, don’t worry about it; it’s still a handy tool. If you do, go celebrate, because this is wonderful.