Is The Cloud Too Expensive?

One of my current Open University modules (M362 – Developing Concurrent Distributing Systems) discusses “The Cloud” quite a bit, especially the Amazon solution. It is supposed to be cheaper and more scaleable than creating your own infrastructure.

Well, it seems that a few years down the line this may no longer be true, at least for some small businesses.

Eric Frenkiel is through with convention and conformity.It was just too expensive.

In Silicon Valley, tech startups typically build their businesses with help from cloud computing services — services that provide instant access to computing power via the internet — and Frenkiel’s startup, a San Francisco outfit called MemSQL, was no exception. It rented computing power from the granddaddy of cloud computing, Amazon.com.

But in May, about two years after MemSQL was founded, Frenkiel and company came down from the Amazon cloud, moving most of their operation onto a fleet of good old fashioned computers they could actually put their hands on. They had reached the point where physical machines were cheaper — much, much cheaper — than the virtual machines available from Amazon. “I’m not a big believer in the public cloud,” Frenkiel says. “It’s just not effective in the long run.”

It’s funny that the Cloud is now convention, because it certainly wasn’t when M362 was initially written.

via Why Some Startups Say the Cloud Is a Waste of Money | Wired Enterprise | Wired.com.

Delectable – Your own private delicious | iamfriendly.com

Just trying out a Google Chrome extension that enables me to post links directly on my blog. The details are here: http://iamfriendly.com/blog/delectable-your-own-private-delicious/

It looks very interesting but it appears I need to make a small theme change to get the most out of it. I’ll have to do that at some later point.

This will be very useful for me to post articles that support my OU research. I do need to do that more for reflection purposes

All change

Hello there. I’m still here but been a little busy recently.

I’ve recently moved the blog to a new server (cloud-based, so that should probably be servers) and I’m yet to import all my old posts. I’ve, er, forgotten where the exported file is…

Anyway, normal service will be resumed shortly. Probably.

In the meantime I’ll be trying out a few more themes. Expect the blog to break. I’ve left error reporting turned on for now so expect some weird messages – I’m using  the new beta version of WordPress and things may be a litle rough around the edges

Malicious content?

Is that even how you spell malicious? Oh, it is. Anyway, it seems that Google has found some malware hosted on my blog and has thus flagged my site as “potentially dangerous”.

If you’re using Firefox or another browser that checks Google’s list of bad sites you’ll get a a big red page telling you that my site may harm your computer. It won’t and probably didn’t previously but I have found some code inserted into various places.

It’s possible, but unlikely,  that my site passwords were hacked. I don’t use easily-guessable passwords these days and I use a plugin called Login Lockdown that prevents multiple login attempts into the admin backend. It’s most likely that another site hosted on the same server is using some insecure script or other and someone prick has managed to get root access, or similarly administrative access, to the server itself.

I had a zero-sized iframe inserted into only one of the links in my blogroll and some malformed javascript inserted into the header and footer php files. Neither of these things were properly written – the syntax was all wrong in both cases – so whoever it was didn’t do a great job, but the URL of a known malware site was left in my source code and Google was able to pick up on that.

It’s good that Google does this, in cahoots with stopbadware.org. It’s a pain for me, in that I need to get my site reviewed again by Google so that it can be taken off the list, but also helpful in that they’ve found the attack for me. I’d have never known about it otherwise, not without scanning the site code and database – and there’s a LOT of code!

I’ve changed all my passwords just in case, along with changing the database name and user password. It shouldn’t happen again, but then you can never really know for certain when you’re using shared hosting.

Decorating

As is sometimes seen in shops and restaurants: please excuse our appearance while work is in progress.

I’m trying out a few themes at the moment. I go in cycles with this. I’m trying to work out a decent minimalist theme that’s typography-based. The one that’s active now – Wu Wei – appeals to me a great deal but has some formatting issues that I want to work on.

I think I’d like the content to be central, rather than offset to the right, and the post information in a smaller font and off to the left. I think I can do this but I have more important priorities than farting about on my blog. You’ll notice the lack of posts here recently!

I’ve added a lifestream page which shows my twitter, flickr posts etc, but the formatting is currently rather horrible on that too. I’ll tidy that all up once I’ve done all my other jobs.

Alternatively, I may just move on to a different theme if the mood takes me (and it might)

A Stitch In Time

If you’re using a self-hosted blog running WordPress and you haven’t upgraded for a while I would highly recommend upgrading. From the official WordPress blog (by Matt):

A stitch in time saves nine. I couldn’t sew my way out of a bag, but it’s true advice for bloggers as well — a little bit of work on an upgrade now saves a lot of work fixing something later.

Right now there is a worm making its way around old, unpatched versions of WordPress. This particular worm, like many before it, is clever: it registers a user, uses a security bug (fixed earlier in the year) to allow evaluated code to be executed through the permalink structure, makes itself an admin, then uses JavaScript to hide itself when you look at users page, attempts to clean up after itself, then goes quiet so you never notice while it inserts hidden spam and malware into your old posts.

The tactics are new, but the strategy is not. Where this particular worm messes up is in the “clean up” phase: it doesn’t hide itself well and the blogger notices that all his links are broken, which causes him to dig deeper and notice the extent of the damage. Where worms of old would do childish things like defacing your site, the new ones are silent and invisible, so you only notice them when they screw up (as this one did) or your site gets removed from Google for having spam and malware on it.

All software has bugs. It’s inevitable. Developers can’t possibly write perfect code – the longer a program is the more bugs there are in it. WordPress is a large application and the developers are fixing bugs all the time, but new ones appear with every new feature and no amount of PHP pesticide will ever stamp them completely out.

Where there are bugs there are ways for people to exploit an application, and there have been some nasty exploits around recently.

Matt is right in his post – get your installation upgraded as soon as practical after a new release so that these sorts of exploits can be kept to a minimum

Back to the Firebug theme

I’m currently having a few problems with my admin backend (not a euphemism) caused by my preferred theme. Something broke along the way to WordPress 2.8.2 and it’s the Woothemes-written theme that’s causing some problems on the create post page.

I can’t add tags or upload media, so I’ve decided to roll back to a previous theme for the time being.

Is it just me or is my use of the English language completely messed up in this post? That’s clearly a product of lack of sleep rather than any programming issues…