Okay, so I was trying to build my website on IIS (Microsoft’s Internet Information Services) and I kept getting Access denied by ACL on resource at a certain point. Every single google search result said “check the permissions on your folder”, and there was never a follow-up post. Needless to say, it didn’t work for me. I spent hours trying to fiddle with the permissions, and eventually I compared the permissions to that of a folder that did not have the problem, and they were completely identical. So I did some thinking.

What solved the problem for me is that I had a folder called “xyz.com” – the same as the name of the website. As soon as I renamed the folder and took the “.com” off the folder name (I renamed the folder to “xyz”), it suddenly worked!

I suspect that IIS was reading the “.com” ending of the name and thinking it was an executable – in windows, .COM and .EXE are executable files… but to the best of my knowledge, this doesn’t apply to directories! Stupid IIS!

I hope this helps someone else out there in the IIS world. Please leave a comment if it helped you!

First off, sorry to those of you who have known me since 2005 and still use the same email address as back then. You might have received spam from me from my old Yahoo email account. Most of it seemed to have consisted of just a link to some site.

I know because I got lots of “undeliverable emails” for emails that I’d never sent, and they were all to people in my Yahoo contacts, so someone somewhere got my Yahoo contact list. Luckily, it’s a very old email account of mine and I stopped using the contact list around 2005.

I’m not sure how it happened, whether it was someone “brute force” guessing my password (trying all possible passwords using a computer program), but I think it was more likely to be Open ID. I signed up to stackexchange.com to ask about some programming questions, and to do that, rather than use a new user account, I used Open ID to save time, and used my Yahoo ID as my Open ID. I had to give my Yahoo password to this site.

Now, this site may have passed my password on to another site, or they may have logged onto my Yahoo mail after I gave them my password. I have no proof of this, but I’ve had this email address for over 10 years without a problem and it seems a bit of a coincidence that less than a week after I sign up to Open ID, my account is compromised.

So, when I log onto my blog to blog about this, I see that my most recent post has been marked as private, and someone’s put ads all over it! Uhoh, I thought, this is not good. So I looked further, and it showed a revision by someone called pandona. So I looked at my WordPress users, and this user had administration rights, meaning that they could do anything they wanted! Ouch!!!

And, to make things worse, they’d set it so that anyone that signs up to my blog automatically gets administrator rights! Fortunately, he or she also had the decency to disable user signups – if they didn’t, anyone could have done anything. This user also changed my time zone to the middle east, and changed a couple of other settings.

I have no idea how they did this, but since my WordPress version is two years old they probably used some obscure vulnerability which is freely available on the web. So, I’ve upgraded my wordpress to the most recent version, and changed the password on both my Yahoo email and my blog. Hopefully that will be the end of my problems!

When I got back from my holiday last month, I got myself a new phone as I thought it was about time that I had a phone with internet on it. I joined T-Mobile because they had the best deal.

But now they won’t stop texting me with SPAM and JUNK!!! Every couple of days, I get a text telling me about some new feature, thing I don’t need or offer I don’t want.

So yesterday I called customer services (on a premium rate number of course) and was told that by texting STOP to 49011, I would be removed from all marketing. So I did.

Since then I’ve had more texts than ever.

Yesterday, 13:22 from “T-Mobile”: T-Mobile is really pleased to have helped you today, for 24 hour access to manage your account log in www.t-mobile.co.uk/somegoddamnstupidlink. Thankyou, Stephen PS78

Yesterday, 13:23 from “49011″: Thank you, you will be removed from the T-Mobile Marketing mail list within 14 days. Pelase note this does not stop marketing messages from other companies.

Yesterday, 13:23 from “49011″: Thank you your request has been received. Please allow up to 14 days for changes to take affect.

Today, 13:26 from “T-Mobile”: Thank you for contacting T-Mobile! We’ll text you shortly for some feedback about your experience with us (All texts are free)

Today, 13:28 from “303510″: Q1 of 4: Overall, how satisfied were you with your call experience? [followed by a list of multichoice]

T-Mobile… listen… stop it! Stop it stop it stop it stop it stop it! STOP IT! What part of “I don’t want any more texts from you” don’t you understand??? One more text and I will be making a formal complaint.

By the way, I shouldn’t have to wait 14 days. Their developer needs to simply run the following SQL query to remove me from their database:

DELETE FROM numbers_to_annoy_incessantly_for_the_rest_of_their_life WHERE name = “Matthew Coolness McGee”.

That’s not difficult, is it? If that takes 14 days, then they have a severly defective index in their database schema.

Can I also take this time to say that T-Mobile are shit. Don’t use them. 70% of the time when I try to use anything that requires internet on my phone, I’m hit with “Connection failed”, “No network available”, or that sort of gubbins. This is despite being in an office building 8 floors up with full advertised phone reception. Plus, 30% of texts I send come back with “unable to send message”, and then I find out from my friends that they got my messages twice. That turns out to be costly for me when I start texting people in New Zealand.

Grr T-Mobile. You suck. I was with O2 for 3 years and never had a problem with them. Wish I’d paid an extra fiver a month and stayed with them.

I’ve spent hours playing these two games – I think you have to be a geek to like them, but I think they’re fun!

Blosics 2 – Fire balls at stacks of green blocks to knock them off the screen, but don’t let the red blocks fall.
Taberinos – Launch your ball at the evil white lines, in order to clear the playing field in as few moves as possible.

Do you think they’re fun too?

Precisely four years after I first put Google Adsense ads on my games website darnkitty.com, Google have finally given me some money! You can see it on my bank statement here.

For those of you who don’t know what it is, you can put ads on your webpages (see my website here, and also little ads that appear at the bottom of some posts on this blog), and if people that visit your site click them, you get a few cents. You don’t even have to choose the ads, Google does it for you.

However they won’t pay you until you reach 100 US Dollars. Since my website started off very small and without very much useful content, I figured I would never get there. Indeed, I started off by getting less than $1 per month (see the graph below. Note that the points on this graph are EARNINGS PER MONTH, not total earnings.

EARNINGS PER MONTH FROM ADSENSE

Early this year (2009), we had a talk at our workplace from the creator of Java, and it inspired me to getting back into Java development. I wrote a couple of games in Java and put them on the website, and in the process put in a bit more colour to the site and jazzed it up a bit. Since then, my earnings increased a lot! In Nov 09, the month just gone, my website got me $25 US. Sure, not massive amounts of money, but I’m happy about it!

I’m not sure what caused the big spike in November 2008, I think my website got a mention somewhere on a major internet forum, but if you discard that month it seems that my website has got steadily more and more popular this year. If only it made about 10x times as much as it does, then I could work on it full time from home and never have to go into the office again!

It just goes to show, put some effort into your site and you might just make some money from it. You probably won’t get megabucks like you see in those online ads (“I made $5,000 a day from Google Adsense!”) but it’s a nice little hobby.

I used to love this game as a kid on my Commodore 64. Then Jet Set Willy II came out and I loved that even more.

Because I’m such a geek, I wrote my own version of Jet Set Willy in around June this year (about 22 years after I played the original). It’s a version that you can play in your browser here. I tried to make it as close to the original as possible, even with the same music.

Surprisingly, when you do a search on Google for Jet Set Willy, mine comes up third (your results depends on your country, but on my computer it comes up third). I think that’s pretty good – that means it’s the third most important link in the world on Jet Set Willy – not bad considering I only did my version a few months ago.

Now, if only I knew how to make money from this sort of thing.

For those of you that don’t know, I like running and walking, and each time I go out for at least an hour, I draw the route that I ran on www.mapmyrun.com.  The site has a lot of bugs, but it’s the best one out there that I know of (that, and I started on that site, and I don’t want to swtich to another site).

Yes, that makes me a geek alright… but it’s a good way to track how far I go each month and how many calories it burns.

I walked for 22km today around Tower Hamlets to take some photos (the map’s just there), and put it on the map when I got back home. I’ll put the photos I took up in a separate post so you can see where I live!  It will be exciting.

What’s hotlinking?  It’s when a website links directly to images hosted on my webserver.  That means that that website gets images on their site, and I pay for the bandwidth.

But… what happens if I delete that image off my webserver?  Or… change it to something else?  Muhahahaha… this gives me an idea.

I’ve knocked up the following image in a few minutes:

Any time anybody downloads anything off my website (darnkitty.com), it’s logged.  I can easily check the logs and see which websites are hotlinking to my images.  I’ve found that websites are only linking to two particular images on my server… a picture of a question mark, and a picture of the java icon.

Note… to avoid this problem, all a website has to do is download the image and then re-post it on their own server!

I’m going to replace the appropriate images on my website with the picture above.  That means that those sites that display my images are now going to show the image above!  Check here and you’ll see what I mean (when they notice, they’ll probably take them down, but they were there at the time of writing):

http://sushiwidget.blogspot.com/2009/01/belgian-weather-forecast.html
http://www.highspiritsclan.net=094f2e9873c80320dcaa490e0d9f4487
http://z3.invisionfree.com/The_Quidditch_Site/index.php
http://www.ljojol.com/vb/t14.html
http://www.seed-forum.com/viewtopic.php?p=795487
http://www.pcintv.com/forums/showthread.php?=&threadid=30995

Well I was looking through my logs of my website darnkitty.com and saw some people had been trying to hack my website.  They did it by attempting to hard-code certain variables in the URL of my page to override the need for the admin password.

Luckily they failed!!! Muhahahahaha.  Their attack would have worked if I had PHP’s register_globals option on.  Fortunately, I didn’t, as it’s a well known security hole.

If you’re reading this, and you’re a PHP developer… turn register_globals off.  Now.  Do it now.  Have you done it yet?