I just wanted to take a quick moment to wish all a Merry Christmas, I hope all is well for you and yours



paul

There is alotofconversationgoingaround (being thrown around?) right now about PHP with Apache 2. The PHP docs strongly suggest against running PHP with Apache 2 on a production machine due to possible race condition issues with the threaded Apache model, and various PHP modules not being thread safe. This was also mentioned in the keynote at PHP|Works this year in Toronto. Rich Bowen pointed out that there is a preforkMPM model with Apache which mitigates this issue, and as such, PHP should operate correctly with Apache 2. That sounded like a gauntlet being thrown down to some (After reading a lot of conversations on the issue it seems like there might be some pre-existing bad blood somewhere, which is odd because the two systems work so well together), and the response I am hearing from most people is a quaint ‘but why should I upgrade to apache 2’, which I feel avoids the issue. Some people, even if not nesesarily the core PHP developers, will find uses for the many new things that Apache 2 brings, and PHP should attempt to position itself to support these individuals.


Personally, with this information in mind, I feel it is time for PHPÂ’s documentation to mention that if you are going to use PHP with Apache 2, you should use the Prefork MPM, and link appropriately. It could possibly even suggest Apache 2 (over 1) for Windows users, as there are significant improvements for those users.

This just appeared in my house the other day, that is about all I have to say about the matter.

I installed the Mozilla Firefox plug-in ‘BugMeNot’ a while back in my mad fit of re-installing Firfox in an attempt to resolve the issue where Firefox crashes every time I close the program. That was over a month ago, and have only recently bothered to try it out. What’s to say, it works as advertised, if you end up at any reasonably popular site with a login form, you just right click, and presto a valid username and password are provided from a central database. The most common use (I have been told) is by people trying to read an article at some news site (say the New York Times) that requires free (but annoying) registration.


After having used the plug-in a few times I believe I will go back to my original practice of just not reading those sites. My reasoning is thus; Firstly, I donÂ’t feel my life was all that bad when I wasnÂ’t reading them, nor do I feel I was particularly uninformed. Secondly, I feel that using such tools (or fake accounts in general) will only encourage more of these sites to adopt these free registration policies. My reasoning is thus, the executives (having not heard of BugMeNot, or just ignoring its effect) will examine or have examined readership stats before and after implementing the registration, and will see little change. People still read X articles every day, we are still showing Y advertisements, etc.


I think I will just continue my one man boycott of sites that require registration to read, and presume one day someone might notice.

This post was created as a comment in response to an article on Harry Fuecks blog.


While I think the blacklisting approach has some advantages from a 'bad word' list approach, I doubt any significant long term gains can be made with an IP based approach. Since the economic incentive is there (otherwise we wouldn't be having this conversation), the comment spam systems could be split into two parts, one high bandwidth system searching for blogs to spam, and a second low bandwidth dynamic-ip system actually doing the spamming. The transfer of text required to send an individual piece is spam is minimal, and someone will have finally found a use for their 3000 free hours of AOL. The prevalence of other dirt cheap ISPs can only further assist those who might use this method. Blacklisting individual IPs will do little, as a re-connect will change the IPs, while blacklisting ranges will end up throwing the baby out with the bath water.


I think the final solution may lie in a two pronged approach. Firstly using a combination of those captcha images & sounds. Yes they can be defeated, but doing so requires both effort and cpu power. Secondly by profiling the comments in question. Examine correlation between the words used in the post and the comment, as well as the number of comments made by an individual across different posts in a given timeframe. A single comment posted by an individual IP in one day, with a decent co-relation of words to the post is likely not comment spam. Meanwhile several identical comments posted to several different posts with little to no co-relation in a very short period of time likely is.

All three of those items (Saved, Killing the Buddha, and the CBC) have something in common, donÂ’t worry, it should make sense in a moment.


First, a little background. Every time I drive my mothers car (which is with some frequency when mine is blocked into the driveway (I moved home while I write my book)), I end up listening to the CBC, as that is what her radio is always tuned to, and I donÂ’t know any local radio stations. I have commented to her in the past that I feel as if my IQ is boosted by a point every time I listen, so I do definitely feel it is a positive experience.


Anyway, the other day I was driving the car, and the host was interviewing the two people behind the site/magazine/book 'Killing the Buddha' whose manifesto is as follows:


Their manifesto sounded pretty familiar when I heard it, but it wasnÂ’t until I watched Saved today that I remembered why. I am in fact one of those people who feel uncomfortable in churches, or effectively any place of or exhibition of religion. That isnÂ’t to say that the concept of religion makes me uncomfortable, merely the physical reminders of it, or outward expressions of it. The scene for most of Saved is a Christian high school, so in the beginning there was a lot of singing and such, which put me ill at ease. Then today, I remembered the whole Killing the Buddha thing and it all fell into place. Hopefully I will procure the book over the Christmas holidays, either directly via a gift, or through some combination of received gift cards / cash.

I've updated to the most recent serendipity release, hopefully this will deal with the comment spam issue that is a freaking pain in the ass.


If something doesn't work let me know and I will take a look.

Am I the only one who objects to having their activation phone call hijacked and used as a sales pitch? I got my new Visa card today, and phone to activate it (I am quite familiar with this process, since I lose my cards regularly, and end up doing this probably at least once to twice a year, rather than every four years). So, I answer the standard security questions, the card is activated, as far as I am concerned the call is over. Then the person on the other end of the line drops into this sales pitch, trying to sell me on some card protection plan. I state I am not interested. Then she wants me to give her a couple reasons why I am not interested. This, I know is a trap. For every reason you can think of, they have a response, “can’t afford it” you say? “Well can you afford not to have it” they respond, etc etc. Not wanting to fall into this trap, I decline to answer, she gets hostile/confused as to why I won’t answer, things go downhill. Finally we understand each other, which allows her to drop into the standard “Thanks for calling TD Visa, I hope I was ….. My name is…. etc” line, and then (the nerve!) asks if there is anything else she can help me with, at which point I have to say no, and she has to go through the whole thanks for calling thing again. A call that should have taken under 30 seconds ended up taking more like 3 minutes.


I am quite sure that the Visa representative thought I was rude, but in my mind (an opinion) I was only responding in turn to their hijacking of what should have been a simple call. CesÂ’t la vie.


I used to have an American Express, and if memory serves, they didnÂ’t try to pull stunts like this. You didnÂ’t even have to speak to someone to activate your card if you phoned from home. You call, punch in some digits, machine says thank you, itÂ’s done.