One of my former supervisors now works for a security vendor. He told me the other day that someone asked him, “Does your company have anything so I don’t have to patch anymore?”
The answer, of course, is that there’s nothing that gets you out of ever having to patch anymore. To some degree you can mitigate, but there’s no longer any such thing as a completely friendly network. The reasoning that you’re behind a firewall doesn’t work anymore. On corporate networks, there’s always something hostile roaming around behind the firewall, and you have to protect against it. If you’re on a home network with just a computer and a router, your computer and router attack each other from time to time. That’s the hostile world we live in right now. Patching is one of the fundamental things you have to do to keep those attacks from being successful.
That said, there are things you can do to patch less. Continue reading How to patch less
A few years ago, Microsoft quietly released a security tool called EMET–the Enhanced Mitigation Experience Toolkit. EMET is now in version 4.0, and it’s probably the best security tool you’ve never heard of. And that’s a real shame.
Modern versions of Windows and modern CPUs include several security-enhancing technologies that aren’t necessarily switched on by default. EMET is a wrapper that forces software to use these technologies, even if they weren’t designed from the get-go to use them. The idea, then, is that if a badly behaving data file tries to exploit a traditional vulnerability in one of these programs, EMET steps in and shuts it down. A real-world example would be if you visit a web page that’s playing a malicious Flash video, or that contains a malicious Acrobat PDF. The malicious data loads, starts to execute, and the minute it misbehaves, EMET slams the browser tab shut. You won’t know right away what happened, but your computer didn’t get infected, either. Continue reading EMET protects against what your antivirus cannot–and it’s free
When I wrote my take on used-book sales, I originally included a question, then took it out because it turned into a sidebar. But it’s a valid question.
Would I rather be a full-time author? Continue reading So, would I rather be a full-time author?
I ran my site through Google Page Speed on Tuesday, and scored a surprising 88 out of 100–higher than I expected. Getting above 90 is going to take some optimizations on files that WordPress updates may change, so I’m hesitant to do that, but one thing it told me to do was to cache more aggressively. That’s pretty easy, as it turns out, and I could definitely feel a difference afterward.
Here’s the trick. Continue reading Another easy Apache tweak
Unlike many bloggers, I blogged for a decade before moving to WordPress. That meant I had a pile of old posts with no tags on them. One of the nice things about WordPress is that you can use the tags in conjunction with a plugin like Similar Posts to display links to related content at the end of each post. And trust me, when you blog for a decade, a lot of your stuff is related.
It’s also sad how much of that old content becomes obsolete, but the 2% that stands the test of time and continues to get readers year over year is satisfying, too.
Here’s how to tag your old content–wherever it came from–quickly and easily.
Continue reading Tag your imported WordPress content with Simple Tags
A couple of years ago, I stood up a WordPress server. I made no effort to tune it, let alone turbocharge it, which is a decision I later came to regret. If your site gets more than a few hundred hits per day, you need to tune it. If you want to get more than a few hundred hits per day, you need to tune it because Apache and MySQL’s default settings are by no means one-size-fits-all. And you can never have too much speed. There are two reasons for that: Google favors fast sites over slow sites, and Amazon found that a one-second delay in page load drops traffic by 7 percent.
There’s a lot of advice out there on tuning WordPress, some of which seems to be good, and some of it not so good.
Here are four things that I know work. I run Apache and MySQL under Linux; these tools may run under Windows or OS X too.
Continue reading Four simple steps to optimize WordPress
Whatever you do, don’t call this post Optimizing Android 2.3 for Games, Graphics and Multimedia. I’ll kick your… nevermind.
But of course the first thing I wanted after I installed Cyanogenmod 7.2–which is based on Android 2.3.7–on my Nook Color was to make it run smoother and faster. What else would I want? So here’s some stuff I did, since adding three CPU cores obviously isn’t an option.
Continue reading Hot-rod Cyanogenmod 7.2
My new server is up and running, and let me tell you, it’s spectacular.
And if you’re reading this on 6 March 2012, you’re probably wondering what I’m talking about, because everything looks just as slow as usual. That’s because the new server is still behind my firewall because I’m struggling to get my content all moved to it.
Continue reading I have a server… and about four years’ worth of content
I was looking deeper into Firefox optimization, and I found Adventures in Firefox-places.sqlite. It’s a pretty intense analysis that goes beyond the usual simple, in-browser SQL vacuum that I’ve mentioned in the past. It was written with Mac OS X and Linux in mind, which is fine, but if you run Windows, you might want to do the same thing.
It has two benefits. It speeds up Firefox, and it reduces the amount of disk space your Firefox profile occupies. The two things are related; smaller databases are quicker and easier to navigate than large ones. As for why you should care about the amount of disk space it takes up, well, on an SSD every megabyte counts.
Continue reading Deep Firefox SQL optimization
About a year ago, I told you about how to vacuum Firefox’s SQLite database to make it run better.
The trick still works, but they moved stuff around on us in Firefox 7.
Continue reading Making newer versions of Firefox work like a fresh install