Categories
Uncategorized

WordCamp Asia 2020 Canceled Over COVID-19 Concerns

Matt Mullenweg announced this morning that he made the call to cancel the first WordCamp Asia amid concerns surrounding COVID-19, the recent coronavirus strain with over 42,000 reported cases. The virus has caused over 1,000 deaths to date. WordCamp Asia was scheduled to run from February 21-23 in Bangkok, Thailand.

“I’ve arrived at the difficult decision to cancel the inaugural WordCamp Asia event,” wrote Mullenweg. “The excitement and anticipation around this event have been huge, but there are too many unknowns around the health issues unfolding right now in the region to explicitly encourage a large public gathering bringing together over 1,300 people from around the world.”

Mullenweg expressed a desire to explore an online event, possibly live-streaming some of the sessions. However, WordCamp Asia organizers said they will not be able to organize one. “We believe our efforts are now best focused on making the best arrangements necessary to assist all affected participants,” said Naoko Takano, the global lead of WordCamp Asia 2020.

“I greatly appreciate the work everyone — from organizers to attendees, speakers to sponsors — put into making this a big success,” said Mullenweg. “So many people have come together to create an event to inspire and connect WordPressers, and I am confident that this passion will carry through into the event next year. Our thoughts are with everyone affected by the virus so far, and we sincerely hope that everything is resolved quickly so that this precaution looks unnecessary in hindsight.”

Some attendees have already made the trip to Bangkok. Others have purchased non-refundable flights. The WordCamp Asia team will refund all event tickets and will provide a free ticket to next year’s event. Organizers, speakers, attendees, and sponsors should all read WordCamp Asia’s cancellation post for details on any next steps they may need to take.

“While we regret that we will not see you in Bangkok this time, we hope you understand that the organising team is standing by this decision to ensure the safety of all WordCamp attendees,” wrote Takano.

There are no details on when the event will be rescheduled. The team said they hope to hold it in early 2021 and will make an announcement as soon as possible.

Several people expressed their disappointment with the news in the comments on the WordCamp Asia cancellation post, but it better to err on the side of caution with such a large event. The first priority is the safety of all attendees. It was no doubt a difficult decision for all parties involved.

Some of the attendees with non-refundable tickets and those already in the region talked about meeting up in the announcement’s comments. This could be a nice alternative to at least network with others.

Update: There is an unofficial WordCamp Asia Meetup currently being set up. Also, follow the #wcasia WordPress Slack channel for discussion.

WordCamp Europe Sends Open Letter of Unity

In a letter from WordCamp Europe, another regional camp, past and present organizers reached out to the WordCamp Asia team.

“We woke up this morning to the sad news that WordCamp Asia has been canceled,” the team wrote. “We can only imagine what a heart-wrenching and difficult decision this must have been, and how much pain it must be causing you to see something you have poured your hearts and souls into just disappear into thin air.”

Putting together a large, regional WordCamp is a tremendous undertaking that takes 100s of volunteer hours. Events such as these can take a full year of planning and organizing.

“We know how hard it can be to come together across cultures and countries, but that in the end it is worth it because you are one team working together,” wrote the organizers. “You are creating a flagship event and you know that it will bring joy to so many people and that every one of you has been waiting for the day of the event, and for that not to happen despite all of that work and care must be devastating.”

Wordfence to Aid With Lost Fees

Mark Maunder, Wordfence Founder and CEO, announced on the Wordfence blog that his company is creating a $10,000 fund to help attendees with hotel and airline change fees. The company will provide up to $200 in assistance per person, which will be served on a first-come-first-served basis. Maunder stressed that people should try to recoup any losses they can by following the advice on the WordCamp Asia cancellation post first. This will allow them to help as many people as possible.

“Cancelling WC Asia 10 days before it commences is a brutally tough call,” he wrote. “I’ve had the organizers in my thoughts for the past few days knowing, via backchannels, that they’re agonizing over this. This is the right call.”

The aid is available to all WordCamp Asia organizers, speakers, and attendees while there are still funds available. Those in need of assistance can find more information on the fund’s announcement post.

Update – February 12: Wordfence exceeded their $10,000 fund with 94 applicants. GoDaddy Pro stepped in to add an additional $10,000 to the fund, according to a tweet by Maunder.

Update – February 13: Yoast added $10,000, bringing the total to $30,000. At the moment, no additional funding is needed because requests are slowing. If needed, Maunder said he would reach out to others who have made offers to help.

Categories
Uncategorized

Unlist Your Number from TrueCaller today!

UPDATE July 18, 2013: Approximately 7 months after this article was published, there’s been news that the TrueCaller database has been hacked into by the so-called Syrian Electronic Army. Again, this highlights the need for users to be careful in the choosing the companies with whom they entrust their private data.

TrueCaller is a mobile app and online service that serves as a very large phonebook for reverse phone number lookups. It can be used to augment your own phone’s contact list in your iOS, Android, Windows Phone, Symbian, or BlackBerry device, helping you let know the names of unknown callers. You can test to see which of your or your friends’ numbers are available in their database at www.truecaller.com.

How does it work?

TrueCaller claims to source the caller information present in their database partly from public directories, and partly from “crowdsourced” data.

However, when I checked, their data didn’t seem to come from public directories. I began searching for my friends’ landline and mobile numbers and those of my own as well, and noted a few interesting things:

  1. Sometimes somebody else’s name would prop up. This would probably be a previous owner, or the former name of the person in case of a name change.
  2. Sometimes the company name would be suffixed or prefixed to the name.

This definitely seems to be populated from contact lists of users.

TrueCaller seems to stop here – it doesn’t, for example, seem to retrieve or store users’ locations. Also, it doesn’t support searching by name – you can only search by number. However, what TrueCaller does reveal is still bad enough, and has actually made many users unhappy, as you can see in a Quora thread on this subject.

Removing your Number

Luckily, fixing this privacy issue turns out to be easy. Head over to Unlist your Phone Number to request an automatic unlisting of your number. It took a few hours for my numbers to get unlisted, and I heaved a sigh of relief after that.

Categories
Uncategorized

6 Ways to Defend Yourself Against Viruses and Malware

Which virus protection is the best?

Well, to protect yourself against malicious software, the six defensive ways detailed below can work better than the best anti-virus software left to act alone.

1) Be aware of virus symptoms, and attack vectors

This piece of advice might sound something beyond the realm of non-techies. However, non-techies had to learn how to use computers anyway, and learning a little about the basics of viruses won’t hurt. The information contained in this article is a good start.

(i) Be wary of suspicious, new process names in the list of running processes

Sometimes these processes have the same names as legitimate ones to disguise themselves (svchost.exe is an example). Sometimes they have similar names, like svvchost.exe and _services.exe (the legitimate ones have the names svchost.exe and services.exe). The username that’s running the process sometimes gives an indication of whether it’s a legitimate system process or not – a virus usually runs under the currently logged-in user’s name. If you’re a power user, you’d want to use Process Explorer, which will allow you to dive in more deeply when inspecting processes, such as figuring out which exact executable on the file system is responsible for the running process.

(ii) Emails from your friend may not have been actually sent by them

Be wary of opening email attachments, unless you were expecting them – even seemingly innocuous video files could cause your data to disappear. Take your precautions even when the attachment is expected – the anti-virus scanners embedded with the popular email providers provide a good defense.

On a similar note, be careful when downloading files randomly from the Internet. Executable (.exe or .com on Windows) files are the ones that can cause most harm.

(iii) Do not leave the Windows’ auto-run option enabled for portable drives

Auto-run has long been one of the most popular ways in which viruses spread – ensure that you keep it disabled. Never, ever, trust a portable drive that had been previously inserted into a machine that you don’t own, even if it has an anti-virus. Use your anti-virus to scan data that has arrived from external sources. Viruses won’t usually spread through text editors, so you can use these if you’re just inspecting simple files and don’t have an anti-virus at hand.

(iv) Watch out for typical virus symptoms, and gear up to protect yourself

These include:

  1. Access disabled to Task Manager, the Registry Editor1, or msconfig2.
  2. Spikes in CPU or GPU usage – these can be observed either through monitoring tools, such as the Task Manager for the CPU, or GPU-Z for the GPU, or by noticing the hardware fans spinning faster when there is no processor intensive program running.

A good tactic is to run anti-virus scans, preferably from outside your OS, such a Live CD, whenever you detect suspicious activity. Live CDs allow you to boot into them without having to load your OS, which might end up running the virus before any anti-virus can take effect (assuming that the anti-virus failed to detect the malware when it loaded itself onto the machine). Bitdefender Rescue CD is one such option. In addition to regular viruses, Bitdefender scans for rootkits – malware that reside deep within the core of the OS, evading detection while carrying out malicious activity.

(v) Safe online banking

Most Linux distributions, including Ubuntu, support booting from a Live CD and are great for providing added protection when banking online, since viruses cannot write to these disks permanently. Live CDs offer no compromise when it comes to your online browsing experience. These Linux distributions can also be installed on bootable USB sticks.

2) Choose to manually enable the running of plugins in your browser

Chrome and Firefox have the option of enabling “Click to Play” for plugins (i.e. either Flash or Java) within websites so that they run each time only with your permission which you provide by clicking on the area of the page in which . This will help prevent drive-by attacks from malicious code embedded in such plugins, which are almost always hidden from view, or use some sort of social engineering to trick users into downloading malware.

In Chrome, copy and paste chrome://chrome/settings/content into your address bar, and choose “Click to play” under “Plugins”.

Chrome Plugin Settings

In Firefox, go to about:plugins, and turn on the plugins.click_to_play option.

3) Update your OS, focusing on the security updates

They are called “security” for a reason. This is especially important for the Windows OS. Because of Windows’ popularity, hackers have been known to target security holes in Windows on unpatched machines by studying the fixes Microsoft sends out. This is becoming true even for Mac’s OS X; the recent Java malware is an example –though Apple actually released the update and fix after the Trojan was out in the wild. A Windows example: If you updated before Sasser arrived, you’d be 100% secure.

4) Use a firewall

This doesn’t offer much more protection from Internet worms than a NAT, but will be useful if you connect your laptop to a public network. It will also protect yourself from infected machines on your own network. A firewall would protect you from Sasser even if you didn’t install security updates at the time, and would offer partial protection against MSBlast.

While the built-in Windows Firewall provides decent protection, you could try out third-party solutions like ZoneAlarm for better control over what moves in and out of your computer.

5) Use an Anti-virus

This is important, but you must know where it stands – it cannot protect you against everything. In fact, most people skip it on the Mac and Linux, though it’s always recommended for Windows. Remember, you are worse off if you use an anti-virus but don’t know how viruses work.

I bet if you brush up your knowledge of viruses and run Windows without an anti-virus, you’d be infected fewer times than a noob running an anti-virus on a Windows and not knowing a thing about viruses. Anti-virus software are perfect if you realize that they work best for protecting against viruses that the software already knows about, and not so good at protecting new ones.

6) Backups

Whatever precautions you take, you might still lose the fight. Always ensure that you have important data backed-up, so that you can easily restore it in the case of an infection.

Even if there was no danger of infection, backups come in handy in the case of hardware failure, for which you should be prepared for anytime.

Footnotes

  1. ^The Registry is a database of configuration settings and options related to the Microsoft Windows operating systems. It can be accessed by pressing Ctrl+R, typing regedit.exe and pressing Enter
  2. ^MSConfig is a Microsoft Windows utility you can use to troubleshoot issues related to processes that are loaded on startup. Viruses often register themselves to start up automatically – you can remove the easier ones using msconfig or by editing the registry.
Categories
Uncategorized

Converting Multiple VMDK (Virtual Machine Disk) files into one

To convert multiple VMDKs into a single file, I used the following command (LinuxVM.vmdk is the name of the first VMDK file – i.e. the one attached to the VM):

$ vmware-vdiskmanager -r LinuxVM.vmdk -t 0 LinuxVMSingleDisk.vmdk

Note that vmware-vdiskmanager is bundled as part of VMware Workstation. I couldn’t locate that as a separate download, so I ended up downloading the trial version of Workstation.

The above operation takes a while, but not too long. It shows its progress as it completes.

Next, I had to modify the VM settings so that it would use the new disk. I couldn’t find this option in the GUI, so I had to modify the vmx file manually (use an appropriate editor on a Windows system):

$ vi LinuxVM.vmx

I modified the scsi0:0.fileName property to point to the new disk:

scsi0:0.fileName = "LinuxVMSingleDisk.vmdk"

Next, I double checked the VM settings in the GUI to check if the disk had changed, and then booted it up to confirm everything is fine. I then deleted all the old, multiple vmdk files.

The Motivation for Doing This

I’d been using a few heavy applications in my VM: an HTTP server, an Application Server behind it running a couple of large applications, and a database. When doing intensive work, my hard disk would make grinding noises and my Ubuntu host would suddenly exit to the login screen. I’d lose all data in my current session, though oddly, some background applications would continue to run.

So I decided to implement VMware’s suggestion to use a single file for better performance:

VMware Workstation - Creating a virtual disk

Did it really work? The host did crash once, but that was when another heavy application was running on the host itself. In my entirely subjective assessment, I do think there’s been an improvement in performance – though I still need to be a little careful with certain applications.