11/11/2018 – end of

In 2012 to 2013 I developed the idea of preventing wars by forming a one policy campaign organisation whose membership would commit themselves to the idea that if the government started a war, every member would be pledged to turn up and vote for any other party at the next local, national and European election.  That is, if they start a war (as opposed to a defensive action), they lose their jobs.

The goal was to have this in place within five years, by the hundredth anniversary of the Great War on 11th November 2018.

I set up a web site and started recording ideas and statistics.  In my haste and keenness, I did not set up a backup regime for the site.  So when a Drupal exploitation occurred, some stupid child hacker trashed the site and replaced it with some pro-Islamist pro-war bollocks.  I lost all the content – all the thinking and planning I had done.

The 11112018.org.uk domain has finally expired and the web site disappeared.

It takes a lot of time, energy and planning to set up a campaign.  I could not find sufficient to make mine happen.  Life gets in the way.  Meanwhile aid is being cut and military spending significantly increased.  It all feels so futile.

Chinese domain registration emails

I got an email from Adrian Liu adrian@cnnetwork.org of China Registry Head Office saying:

(It’s very urgent, therefore we kindly ask you to forward this email to your CEO. If you believe this has been sent to you in error, please ignore it. Thanks)
Dear CEO,
We are the domain registration and solution center in China. On October 5, 2021, we received an application from Hongxiang Ltd requested “nonewwars” as their internet keyword and China (CN) domain names (nonewwars.cn, nonewwars.com.cn, nonewwars.net.cn, nonewwars.org.cn). But after checking it, we find this name conflict with your company name or trademark. In order to deal with this matter better, it’s necessary to send email to you and confirm whether this company is your distributor in China?

Best Regards

Adrian Liu | Service & Operations Manager

China Registry (Head Office)

Tel: +86-2161918696

Fax: +86-2161918697

Mob: +86-13816428671

6012, Xingdi Building, No. 1698 Yishan Road, Shanghai 201103, China

*****************************************

This email contains privileged and confidential information intended for the addressee only. If you are not the intended recipient, please destroy this email and inform the sender immediately. We appreciate you respecting the confidentiality of this information by not disclosing or using the information in this email.

Gotta love the “Best Regards”.  It’s like a mugger saying “Have a nice day”.  I like to be helpful.  So I replied:

No, Hongxiang Ltd is nothing to do with us at all.

It probably does not matter what you say in the reply, because this comes next.  From one Zhihai Ning ningzhihai@outlook.com saying:

To whom it concerns,

We will register the China domain names “nonewwars.cn” “nonewwars.com.cn” “nonewwars.net.cn” “nonewwars.org.cn” and internet keyword “nonewwars” and have submitted our application. We are waiting for Mr. Adrian Liu’s approval. These CN domains and internet keyword are very important for us to promote our business in China. Although Mr. Adrian Liu advised us to change another name, we will persist in this name.

Kind regards
Zhihai Ning

I thought I ought to respond.  Out of politeness.  Especially since they said “Kind regards” which as we know is always a genuine sentiment.

I don’t see how I can stop you.

But I am interested. Why do you want to use the NoNewWars name?

Back to a reply from Adrian Liu adrian.liu@chinaregistry.org.cn at the China Registry.

Based on your company having no relationship with them, we have already suggested that they should choose another name to avoid this conflict, but they persist in this name as China domain names (nonewwars.cn, nonewwars.com.cn, nonewwars.net.cn, nonewwars.org.cn) and internet keyword. In our opinion, maybe they do the similar business as your company then register it to promote their company.

As is known to all, the domain name registration based on the international principle is opened to company and individual. Any company or individual have the right to register any domain name and internet keyword which are unregistered. Your company haven’t registered this name as China domain names and internet keyword, so any company is able to obtain them by registration. But in order to avoid this conflict, the trademark or original name owner have priority right to register China domain name and internet keyword during our dispute period. If your company is the original owner of this name and want to register these China domain names (nonewwars.cn, nonewwars.com.cn, nonewwars.net.cn, nonewwars.org.cn) and internet keyword to prevent anybody from using them, please inform us. We can send you an application form with price list to help your company register these China domain names and internet keyword during our dispute period.

Best Regards

Adrian Liu | Service & Operations Manager

China Registry (Head Office)

Tel: +86-2161918696

Fax: +86-2161918697

Mob: +86-13816428671

6012, Xingdi Building, No. 1698 Yishan Road, Shanghai 201103, China

****************************************

This email contains privileged and confidential information intended for the addressee only. If you are not the intended recipient, please destroy this email and inform the sender immediately. We appreciate you respecting the confidentiality of this information by not disclosing or using the information in this email.

Now I understand.  It is a scam that is simply frightening people into buying domain names they otherwise would not want or need.  Let’s see if I’m right with a quick search

Hmm.  I wonder if it is a scam…!  🙂  Apparently they’ve been doing this since at least 2009 – twelve years.  So it must work.  Well, he wasted some of my time, I’ll waste some of his.

But China is a communist country. I thought there was no such thing as copyright under communism.

I am awaiting the next email…

Bastard evil WordPress hostile design fault

I logged in to WordPress, started a new post and something flashed up on the screen.  Then something else, then I had lost what I started doing.  In my list of posts is a page just begun with only part of the title.  Odd, because something similar happened yesterday when I tried to write a post.

So I start again, this time having forgotten what I was going to write about and instead write about the distractions that WordPress itself now provides when you try to write a new post.  WordPress used to be somewhere you quickly went to and wrote a thought and posted it.  WordPress is now a product that wants to tell you all about WordPress.  I This was the result:

Showing WordPress losing my postI started to write “Distractions caused by WordPress” and got the popup about leaving the page.  So I let it continue.

WordPress telling me about itselfWordPress had interrupted my attempt to create a post to take me to a page to tell me about WordPress.  Why would I want to be told at this point, when I’m already using it to write a post? This is stupid, inconsiderate design.  Why not go here when I logged in, not when I am trying to put my thoughts on the page?

Now I have lost my train of thought and so won’t be writing the blog post I wanted to write.  WordPress has successfully sabotaged its own purpose – and mine – by trying to promote itself.  And now I am angry with the developers.

Twats.

Edit: Aaarrgghh!!  I realised I had not put a title on this post, went back in to edit it, started writing the title and WordFuckingPress jumped to that elf-promotion page again.  WHY?  Why send me there EVERY FUCKING TIME?  Why do it WHEN I AM TRYING TO EDIT A POST?

Password managers (new hosting site)

Password managers give me the willies.

Knowing all the big names in online hosting have been hacked or have lost passwords, why trust a password manager?  What makes them any more trustworthy than a multi-billion corporation?

But, everyone insists you should use them.  So I did – encryptr.  But they shut that down.  So I switched to BitWarden.  And now I want to get a password from it…

BitWarden not working

BitWarden just sitting there, spinning.

So, how’s that for security?  I can’t get into anything where I do not have another copy of the password.

 

Annoying having to log in twice

At some point in the past something changed. I’ve no idea what or when and it wasn’t something I did. But now when I go to log in I get:

wordpress login Error: cookies are blocked or not supported by your browser. You must enable cookies to use WordPress.

Logging in a second time works.

This gives me the creeps because it is identical to a particular method of stealing login credentials I worked out (and used!) when at college many years go.

Today I had the time to investigate it and, oh dear. It does depress me when I see an error has been around for years and has multiple solutions proposed. I just know it will take me hours to work it out and, no doubt, other things will break.

So, some hours later, I’ve edited the

EDIT: And now I can’t post properly either. It would not let me post the above and when I tried to retrieve it, half it it was lost.

I’ve applied updates, edited the php_config.php, updated php on the server, ensured I’m using an out-of-the-box theme, disabled plugins and done a health check. Now the site is complaining it is not using HTTPS so as well as the original problem, I now have a new one. Exactly as predicted.

Another way to inconvenience spammers

Two posts in particular on here receive almost all the comment spam.  I have changed them both to say “Do not post comments here, they will be spam-trapped” which should prevent mortals falling foul of the mechanisms attached to those two posts.

I tried an experiment the other day and made them password-protected.  So the link the spammers use to get to those pages still works, but they cannot post anything.  This has – for the time being – stopped much of the spam.

I expect in due course they will just pick another ppst and target that instead.

Spam trap

I seem to have created a spam trap, or, at least, most if it is falling into a black hole.

My preferred spam tool was a Captcha tool that made you rotate an image and only when it was lined up could you post a comment.  That stopped working and would not any comments through so I had to disable it.  As soon as I did so, Woosh! the comment spam starts reappearing.

Most of it gets created against one specific post, for some reason.  Anyway, I had an idea.  I created that post again and gave it a different permalink.  A redirection  from the old permalink to the new was automagically created by WordPress, although I have no idea how.

Now the copy of the page appears but the original version does not.  However, the spam is being posted to the original page; presumably because they are going direct to the /id=nnn link rather than the permalink.

Rather than delete the page and risk the spammers picking a new one to post their spam to, I’ll just leave it there.

What I need now is a WordPress plugin that says “For any comment posted on this page, delete it and blacklist the IP address”.  That would turn my spam black hole into a honeytrap.

Hacked again

Another of my sites has been hacked and the home page replaced.  Much less damage this time and it was easier to repair, remove and make the site secure again.  (The cause was an old Drupal installation which I tried and abandoned but did not delete.  It had some bug in it that gave people more access rights to the site than it should.)

Unfortunately for the numpty children doing this, they don’t realise that putting graffiti on walls does not endear people to their cause.  Assuming it really is them and not someone else trying to discredit them.

Image of the hacked home page that replaced my personal web site.

Image of the home page that hackers uploaded to replace my personal web site.

 

Tiresome security vulnerabilities and wannabe l33t h4ckerz

The 11112018 organisation web site got hacked last week.  Some child replaced the site with a pro-Islamic page that boasted of their l33t h4ck1ng skillz and claiming to be an Afghanistani member of a hacker team:

Screenshot of the hacked 11112018 web site

Hacked 11112018 web site

Meh.  The page was the sort of thing one saw on bulletin boards back in the early 1990s with a link to an (uncredited) image of a Moslem knight.

It is a shame that in doing so, they trashed the 11112018 anti-war web site. How to make friends and influence people, not.

They managed to do so because I had not applied an update to the Drupal web content management software I was using; the version had a security vulnerability this person took advantage of.  A quick Google search shows they have uploaded identical content to over 700 web sites.

What amazes me is the poor quality of their work.  The HTML is full of stupid errors that shows the child responsible did a simple cut ‘n’ paste of downloaded code into existing HTML without knowing what they were doing.  It also includes embedded JavaScript, some of which does not execute at all because it is incorrectly implemented.  The layout of the HTML also demonstrates a total lack of understanding of what they were doing.

This is the technology equivalent of putting sugar in someone’s petrol tank or letting their tyres down.

(But they were unwise to leave log file traces, names, IP addresses, traceable script and a trail of identical destruction to other web sites online.)

My To Do List for June included replacing Drupal with something else and putting up a load of content onto the 11112018 organisation site.  Well, now it seems I’ll be replacing the site completely.  Time that would have been spent working on peace studies and pro-peace activity.  But now with slightly less motivation than I had before.

Although I could claim “Hey, I’ve arrived!  A pro-Islamist activist group have targeted my peace web site for taking down and replaced it with their messages of hate!”  But the reality is they have an automated script that just trawls the domain lists for sites due for renewal and searches for this specific vulnerability, then automatically applies their—rather awful—content.

They have just as mindlessly replaced a web site for childcare and a children’s skateboard park web site.

It’s just the same childish, mindless vandalism as spraying swastikas on bus shelters.

I am so disappointed.