Does iTunes (and iCloud) have a systemic security problem? [updated]

John Gruber doesn’t think so, but my experience and the experiences of countless others seem to show otherwise.

Back in late January of this year, I received a curious email from Apple, indicating that my credit card information and billing address listed in my iTunes Store account had been recently changed. Now, I never keep credit cards on file with retailers, nor do I have the iTMS linked to PayPal. I strictly adhere to a policy of making music, app and video purchases using only gift card balance, mainly out of concern that credit card account information stored anywhere outside my wallet or my noggin is inherently vulnerable, so I avoid it, when possible.

I logged into my iTunes account and found that, while my street address remained the same, my house had been magically transported to Townson, MD 21286-7840. Furthermore, my account balance, which had been about $34 the evening before, now hovered around 12¢. Apparently, after teleporting to Townson, I went on a spending spree, buying Fruit Ninja, Fruit Ninja HD, Angry Birds Seasons, Angry Birds Seasons HD, Plants vs Zombies, Plants vs Zombies HD, and so on, including a mystery lifestyle app titled “27000+ 天下美食.”

Two shells, a truck and a citrus fruit

Image retrieved from - no copyright infringement has changed servers. After a couple of very long weeks of practically zero connectivity via my “business class” Road Runner connection, I finally gave up on my principle that would always be self-hosted. (Gee, thanks, Time Warner Cable, I’d only been striving for that since 1997.) Now, the site lives on A Small Orange’s shared hosting system, alongside my photography site.

Dude, You’re Totally Harshing My (Google) Buzz

Absolutely, 100% by accident, I managed to discover that my server had fallen victim to an interesting SQL/PHP injection attack. I began to notice some odd search traffic that resulted in one or two hits to both of the sites on this server and decided to Google the hostnames to see what the results were. Lo and behold, my site and content descriptions had changed from carefully crafted statements and a handful of appropriate keywords to a laundry list of figures from the French Revolution, random pharmaceuticals and reviews of the latest Japanese sports cars.

2009: NC Democrats Push Anti-Municipal Broadband Legislation, Threatening to Derail Federal Stimulus Money

Originally posted to back in April 2009. In the meantime, Ty Harrell has resigned due to adultery and questionable finances and Verizon sold its stake in North Carolina to Frontier Communications. Reposted here for archival purposes, because the “Level Playing Field/Cities/Service Providers” bill is back, for a fourth encore.

As reported by the Independent Weekly, Representative Ty Harrell (D-Wake) and State Senator David W. Hoyle (D-Gaston) have penned SB1004 (and its House counterpart, HB1252), known as the “Level Playing Field/Cities/Service Providers” bill. Contrary to its name, the bill seeks to prevent municipal governments from installing high-speed broadband or wireless internet service and acting as an ISP, even if commercial ISPs have no plans to offer service to their communities.

Close on the heels of Time Warner Cable’s announcement that it would begin testing “tiered bandwidth” caps in Greensboro, and the announcement of Salisbury’s plan to follow in Wilson’s footsteps and provide fiber to the home for its residents (promising symmetrical speeds of up to 100Mbps), these bills not only threaten the possibility that North Carolina will finally claw its way above the national average in residential broadband access, and do so in an affordable manner, they also threaten North Carolina’s access to the $4.7 billion the National Telecommunications and Information Administration (NTIA) has set aside from the $787 billion stimulus package to bring broadband to underserved and un-served communities.

Read on for legislative contact information and learn why North Carolina isn’t likely to receive fiber internet any time soon…

I think I need a new server

I’ve been proudly self-hosting for many years, but a number of recent server hiccups (including a new mystery gremlin that brings Apache to its knees every 22-24 hours) and the absolutely awful quality of Time Warner’s “Business Class” RoadRunner service, have convinced me that it’s time to move to an off-site host.

The requirements are:

  • Less than $10 per month for hosting all three domains
  • Shell access
  • MySQL
  • PHP
  • WordPress
  • and terms that allow artistic nudity (for my photo site)

The candidates are:

Any thoughts/suggestions?