Tuesday, 26 April 2011

Corneal Graft - Nearly there....

As some of you will know, my wife has been waiting sixteen months for a replacement corneal transplant. Well, in three days' time the wait will be over and we have to be at the hospital for 07:30 am on Thursday ready for the op.

While we have been waiting we have been supported by the UK Keratoconus Self Help and Support Association (UKKC) via its forum. I also received from them information about how many people were on the waiting list in the UK for a replacement cornea (over 3,000) and how short of donor eyes the Transplant service were. The hospital treating my wife claimed that towards the end of 2010 and in the early part of this year the supply of donor eyes had dried up completely. However the Private Sector had no problem getting donor eyes and their waiting list was about 2 weeks mostly because the pre op tests took that long. I made enquiries about where the eyes were coming from. It turned out that most of them came from abroad where donor organs are obtained very differently from in the UK. The largest source seemed to be the USA who were charging little more than the cost of packaging the eyes and flying them across the Atlantic.

This is made possible because unlike many organs that have to be used within hours of the donor dying, eyes can be safely stored for up to 28 days. This makes it practical to ship them right round the world. I was also told that hearts, lungs and livers were routinely shared across the EEC as there is a database that contains all the people requiring transplants and all the member countries have access to it and the donated organ goes to the best match. However that does not include eyes.

I asked my MP (Ed Balls) if this was Government policy or was there some other reason. He referred me to the Blood Transfusion and Organ Transplant service who are responsible for harvesting donor organs and distributing them to the waiting hospitals. I received a letter from Lynda Hamlyn, the Chief Executive of NHS Blood and Transplant. In it she says:

"The current average waiting time for a cornea is two months and with the increasing level of cornea donation in UK, the waiting time is continuing to reduce. There may be occasions when there is a requirement for a particular tissue type or age match between donor and recipient and these cases may need a special search and result in a longer waiting time."

When I showed the letter to the Eye Clinic at my Wife's hospital there was total disbelief as what it was claiming bore no resemblance to the number of eyes available to the Trust here in Leeds. I have been told to show the letter to the Consultant on Thursday to see what he has to say about it - watch this space for his reply.

Wednesday, 26 January 2011

Virtual Nightmare

Those of you who have anything to do with websites will notice that there is a quiet revolution going on in the hosting services section. It is to do with upgrading from PHP 5.x to 5.3. The revolution is because a lot of the ecommerce websites that use OS Commerce and Zencart will stop working on the day their hosting service upgrades its servers to PHP 5.3, as their software is not compatible with PHP 5.3. I have been trying to make sure the sites I look after are all up to date and ready for the date when their host upgrades. That presented me with a problem because my testing server is already running on 5.3 so I can't do trial updates. I needed a web server running PHP 5.2. I know the so called easy way of upgrading is to buy a new template or to load a blank copy of the shop and then enter all your goods into the new shop but that is costly in time and resources and your shop is offline till you have completed it.

I have never used virtual machines before so when it was suggested I install a couple on my Windows 7 machine and run the servers there I was a bit anxious to say the least, but I am always game to try something new so I downloaded Windows virtual machine and XP mode and away I went. It all installed just fine but XP mode will only run at 1600 x 1200 x 16 bit colour which makes the screen somewhat hard to read. It turns out that this is a well known bug that Microsoft are not breaking their necks to do anything about. This makes MS Virtual machine useless for developing web sites so I fired up Google and went looking for a better Virtual machine. The one I chose is Oracle VM VirtualBox because it is a good fit with my hard and soft ware.


Installing didn't seem to be difficult and so I went on to install a copy of XP Pro I had left over from my previous computers but I struck a snag when I couldn't get the virtual network card to link to my network. It took a good hour of digging through help files to find the solution but once I did, installing an antivirus program and my favourite FTP and HTML editors followed without a snag.

When I came to install the web server I hit another snag: my usual development web server is XAMPP and when I went to download the latest version I noticed it has been upgraded to PHP 5.3 so it was back to Google to find an alternative. I settled on Wamp 5 (now called WampServer since the upgrade to PHP 5.3) because it has all the elements I need (phpmyadmin, cpanel etc) but most importantly all the previous versions are still available and one of them runs on PHP 5.2. That solved the problem and in a very few minutes I had a virtual server that is a mirror of the one that hosts the two ecommerce sites I need to upgrade.

This might sound a very long winded way of doing things but as anyone who runs an ecommerce site knows, if you give the hackers a tiny crack to get into they will find it and they can do untold damage. Working this way I can lock off the rest of my computer and network so that the hacker might get to the site I am testing but no further. It is possible to do that just by running web server software on Windows 7, but it has been shown that it is so easy to hack a system set up like that, which makes it a dangerous thing to do.

I now have two fully functional copies of the two ecommerce sites running on my virtual servers and can start the delicate and, on first sight, complicated task of upgrading them to be PHP 5.3 compliant.

I have written this really to ask you folk out there if this is the best way to go about solving a problem like this or do you know a better way. If you do I am all ears.

Thursday, 2 December 2010

Brrrrrrrr and Wow !!!

Thursday 2nd December, the 4th day in a row that we are virtually snowed in. This morning the temperature is a balmy -1.8 °C and for now at least it has stopped snowing. Yesterday we made an effort to reach the Co-op and stock up on milk and other essentials. It was snowing hard and although the Co-op is only 300 yds from our home, we were both exhausted and very cold by the time we made it back home. After that experience I can empathise with the Police who are telling us all that if we really don't need to go out then stay at home.

On Tuesday, much to my surprise, the engineer from BT arrived to connect me to fibre broadband. He was wet through and frozen solid after working in the box at the end of the road for 30 mins before coming to our house. We wrapped him round a hot mug of coffee and our dogs did their best to cuddle him back to life again. Once he could feel his fingers he tested the line and found that we had indeed achieved the 40 Mbps we had been promised. There was a certain amount of re-running of wires needed to get fibre where I wanted it but it took less than an hour for me to be able to sit down and back up some websites in seconds that before took anything up to half an hour to download on ADSL. Uploads are now a breeze and files loaded into my FTP program just vanish; even big ones are transferred in seconds. I have a feeling that my Internet life is going to be a lot richer from now on.

The attacks I wrote about last week are still going on but for the moment at least we seem to be able to catch them. Up to now we have dealt with the attacks by blocking the IP addresses of attackers. However this has led to a .htaccess file of over 10,000 lines of code which is unmanageable. So we are thinking about a proactive way to cut down on the number of attacks by only allowing people from countries that we want to trade with access to the sites. You would think this would be relatively easy because as this is a UK company and all its products are in the English language then all you have to do is list the English speaking countries and job done. Not so. A lot of the UK's former colonies still follow UK teaching practices and use English language text books so orders can and do arrive from very unexpected places. At least the effort it will need to analyze the order books and see just where orders have been received from will only generate one line of code per country instead of the hundreds of lines needed to block all the individual networks as before (The UK would need 4,254 lines of code to block it properly, I shudder to think what the USA would need).
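
One way to shrink a per-address block list like the one described above, shown as an added example rather than the site's own code: merge adjacent, duplicate and overlapping entries into CIDR ranges with Python's ipaddress module. The sample .htaccess text, its documentation-only addresses and the Apache 2.2 style `deny from` syntax are assumptions.

```python
import ipaddress
import re

# Matches Apache 2.2-style "deny from <address or CIDR>" lines.
DENY_RE = re.compile(r"^\s*deny\s+from\s+(\S+)\s*$", re.IGNORECASE)

# Constructed sample using documentation-only address ranges.
SAMPLE_HTACCESS = """\
order allow,deny
allow from all
deny from 192.0.2.0
deny from 192.0.2.1
deny from 192.0.2.2
deny from 192.0.2.3
deny from 198.51.100.0/25
deny from 198.51.100.128/25
deny from 198.51.100.10
deny from 203.0.113.7
deny from 203.0.113.7
deny from badhost.example
"""


def collapse_deny_rules(text):
    """Return (other_lines, deny_lines) with the deny list minimised."""
    other, nets = [], []
    for line in text.splitlines():
        match = DENY_RE.match(line)
        if not match:
            other.append(line)
            continue
        try:
            nets.append(ipaddress.ip_network(match.group(1), strict=False))
        except ValueError:
            # Host names and partial addresses are not parsed; keep as written.
            other.append(line)
    merged = []
    for version in (4, 6):  # collapse_addresses() rejects mixed IP versions
        same = [n for n in nets if n.version == version]
        merged.extend(ipaddress.collapse_addresses(same))
    deny = []
    for net in merged:
        # Write single hosts without a prefix length, ranges as CIDR.
        target = net.network_address if net.num_addresses == 1 else net
        deny.append(f"deny from {target}")
    return other, deny


def rewrite(text):
    """Rebuild the file: untouched lines first, then the merged deny list."""
    other, deny = collapse_deny_rules(text)
    return "\n".join(other + deny) + "\n"


if __name__ == "__main__":
    print(rewrite(SAMPLE_HTACCESS), end="")
```

Nine address entries in the sample become three, and the host-name rule is carried over unchanged.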

Given the weather outside I am so glad that I am officially retired. After our expedition to the Co-op I think that if I had to struggle through this weather to work every day I would be permanently exhausted and my heart goes out to the folks I see on TV trying to carry on in very difficult circumstances. But that's the English - we moan like mad about almost everything but when the chips are down we get stuck in and the job gets done.

Wednesday, 24 November 2010

The cost of being hacked

Before I retired to care full time for my wife, I wrote two online bookstores. A few weeks ago the owner of those stores contacted me to ask if I could help him get them back up and running again. On investigation I found that both sites had been hacked, the access codes changed and the databases corrupted. The way these sites are run there is no need to store things like credit card/bank details so apart from basic security, not a lot of attention had been paid to security in depth.

Thanks to good backup routines both sites were back up and running in hours and that was that, we thought - wrong !!!!

One of the two sites was re-hacked in minutes despite the access codes being changed, the other followed a couple of days later. Time for some serious thought about security. Both sites are run on a commercially available online shop package so there is a wealth of experience on the user forums. It quickly became apparent that this was not an unusual occurrence and there were plenty of examples of what can happen, what to do about it and how to increase security. After a good deal of reading this is what we decided to do:
  1. Change all the passwords to the back end of the site making them as strong as we could by using all the available characters (ASCII 0 to 254) and increasing the length of the password making it much harder for brute force hacking programs to discover the username/password.
  2. Changing the name of the admin folder and adding extra security to that folder.
  3. Making the .htaccess file as inaccessible as possible.
  4. Changing the robots file to exclude all the folders we didn't want indexing.
  5. Build some custom error pages that report every time a hacking attack is stopped.

So far this has thrown up some surprising information. Hacking probes are there all the time but most of them realise a site is protected and, after a very few attempts, stop trying to get in. A lot of the attacks come from IP addresses owned by large companies but it isn't clear at this stage if the companies are mounting the attack, a disgruntled employee is using the company equipment or the company had been invaded itself by a bot net and was unaware that their computers were being used in this way.

There seem to be three distinct types of probe:

  1. A robot that wants to index the whole of the site - these can mostly be stopped or diverted using .htaccess
  2. A probe looking for databases and/or customer lists
  3. An attack that has recognised which shop is being used and is trying to access the specific files that will reveal the order list, the customer list, payment methods etc. This is by far the most dangerous of the three and the one we need to make most effort to block.
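
A sketch of how the three probe types above could be told apart in a web server access log, added here as an example and not taken from the sites' own error pages. The log lines are constructed, and the path patterns (`/admin/customers.php`, `.sql` dumps and so on) are hypothetical stand-ins for whatever files the shop package in use actually exposes.

```python
import re
from collections import Counter, defaultdict

# Apache "combined" log line: client, timestamp, request, status, size, referer, agent.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "\S+ (?P<path>\S+)[^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<agent>[^"]*)"$'
)

# Hypothetical patterns; replace with the file names of the shop package in use.
SHOP_FILE_RE = re.compile(r"/admin/(customers|orders|modules)\.php$", re.I)
DATA_HUNT_RE = re.compile(r"\.(sql|sql\.gz|bak|mdb)$|/(backup|dump)s?/", re.I)
CRAWLER_RE = re.compile(r"bot|crawler|spider", re.I)

# Constructed sample lines (documentation-only addresses).
SAMPLE_LOG = """\
192.0.2.10 - - [24/Nov/2010:09:00:01 +0000] "GET /robots.txt HTTP/1.1" 200 120 "-" "ExampleBot/1.0"
192.0.2.10 - - [24/Nov/2010:09:00:02 +0000] "GET /catalog/index.php HTTP/1.1" 200 5120 "-" "ExampleBot/1.0"
198.51.100.4 - - [24/Nov/2010:09:05:11 +0000] "GET /backup/shop.sql HTTP/1.1" 404 210 "-" "Mozilla/4.0"
198.51.100.4 - - [24/Nov/2010:09:05:12 +0000] "GET /db.sql.gz HTTP/1.1" 404 210 "-" "Mozilla/4.0"
203.0.113.9 - - [24/Nov/2010:09:07:30 +0000] "GET /admin/customers.php?page=1 HTTP/1.1" 403 199 "-" "ExampleBot/1.0"
203.0.113.9 - - [24/Nov/2010:09:07:31 +0000] "GET /admin/orders.php HTTP/1.1" 403 199 "-" "Mozilla/4.0"
203.0.113.20 - - [24/Nov/2010:09:10:00 +0000] "GET /catalog/product.php?id=7 HTTP/1.1" 200 4096 "-" "Mozilla/4.0"
"""

# Most dangerous type first, following the ranking in the list above.
SEVERITY = ["shop-specific", "data-hunt", "crawler", "visitor"]


def classify(path, agent):
    """Label one request with the most serious probe type it matches."""
    bare = path.split("?", 1)[0]  # ignore the query string
    if SHOP_FILE_RE.search(bare):
        return "shop-specific"
    if DATA_HUNT_RE.search(bare):
        return "data-hunt"
    if CRAWLER_RE.search(agent):
        return "crawler"
    return "visitor"


def summarise(log_text):
    """Count requests of each type per client address."""
    per_ip = defaultdict(Counter)
    for line in log_text.splitlines():
        match = LOG_RE.match(line)
        if match:
            per_ip[match["ip"]][classify(match["path"], match["agent"])] += 1
    return per_ip


def report(per_ip):
    """List (ip, worst type seen, total requests), most dangerous type first."""
    rows = []
    for ip, counts in per_ip.items():
        worst = min(counts, key=SEVERITY.index)
        rows.append((ip, worst, sum(counts.values())))
    return sorted(rows, key=lambda row: (SEVERITY.index(row[1]), row[0]))
```

The path is checked before the user agent, so a client that calls itself a crawler while requesting back-end shop files is still reported as the third, most dangerous type.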

I'm sure some of my readers will by now recognise which company I am talking about and I want to reassure them that to the best of our knowledge none of their financial details can possibly have been lifted by the attackers because the company doesn't trade using credit or debit cards. Likewise although we know the database containing customer list and product descriptions has been destroyed more than once, there is no evidence available at this time that any names and addresses etc have been stolen. However you may find that as we have had to use backups to rebuild the database your account no longer exists. If that is so, please login and make a new one and accept our apologies for the inconvenience.

This sort of action costs businesses large and small a lot of money in lost time, lost orders and other fees to get sites working again. I know what the criminal hacker is after - they want personal data and bank details. But the hobbyist hacker has me baffled. What possible motive can he/she have for trying to wreck someone's livelihood?



Friday, 29 October 2010

Time to Change

Today the BBC released a story about a debate in the House of Commons concerned with just what Google collected as it drove past our homes. You can read all about it here http://www.bbc.co.uk/news/technology-11650692.
Now I have heard all sorts of tales about what Google has or hasn't done but I have come to the conclusion that it is better to be safe than sorry. I am recommending to all my family and friends that they change the WiFi login details on their routers, change the login passwords on their personal accounts on their computers and, last but by no means least, change the passwords on all their email accounts.
I know this means a lot of careful work needs to be done, but as some of the people I know have business and financial details on their computers and they rely on them for their livelihood, I feel it is better to put in an hour now than to try to rescue all their financial details and contacts after someone has found a way in.
Given all this, it is good general practice to change your passwords monthly and to scan your computer weekly for malware and viruses. Given the number there are about now you can't be too careful.

Sunday, 26 September 2010

Two steps forward and one back

It's been quite a few weeks since I fetched my wife home from Hospital. We did manage a few days away when the weather was kind, the food was good and we managed to relax and unwind. The fun began when we got home and found that some of the drugs being given to Jackie were not suitable to be given together so we had a week or two of chopping and changing when we were not sure from one week to the next exactly what she should have been taking. Thankfully with the aid of her CPN and our GP we think we have got the drugs about right as most of the major side effects have disappeared and Jackie is making slow but steady progress to being well again.


I also had a setback. I had a fall that dislocated two fingers on my right hand. One of them went back into place perfectly but the other has lost a chip of bone where the tendon has pulled away from the joint and a third tendon is ruptured. Thankfully it doesn't need surgery but I have been warned it could take some months to heal properly. In the meantime it is slowing and restricting the amount of time I can spend at my keyboard.


Speaking of keyboards, there have been a rash recently of alerts coming from the security firms who monitor the number of viruses and malware currently making the rounds of the system. They run from the mischievous ones that just send stupid messages to your screen through ones that can delete files on your HDD and cost a lot of time and effort to get rid of. However the worst of all are those that enroll your computer to a bot net and start to send your private details to the criminal gangs that run the bot nets.


The way to keep your computers free of infections like these is as follows:

  1. Make sure you have the latest version of a good anti virus program (I use Avast Free) and ensure that it updates at least daily.

  2. Likewise download and install at least two malware programs and run a full scan weekly, the favourites for this are Adaware and Spybot both of which are free for home use.

  3. A favourite way of getting malware (Worms) onto your computer is via a round robin purporting to be a warning about a new virus. One came to my notice this week. It was titled 'There is a Muslim in the white house'. It tried to tell you that if you received an email like this it would contain a virus that would put a flaming torch on your screen while it destroyed your HDD. I can find no trace of this virus in the database of any of the major Antivirus companies but there is plenty of evidence of round robins like this being used to sneak worms onto your computer. If you receive an email that is addressed to a lot of people and it asks you to pass it on to all your friends, break the chain. Delete it from your computer preferably unread and don't send it on. You should also do a full scan of your computer to make sure you haven't been infected.

  4. I use an email program that catches about 99% of the spam and infected email that arrives in my mailbox. It is called MailWasher and you can download it for free from here: http://www.mailwasher.net/. It is free for personal use but if, like me, you have multiple mail boxes and accounts, then the pro version is worth every penny.

Just as a last aside, I was asked to look at a computer that was behaving 'oddly'. I had been asked to configure this computer when it was new and had loaded all the necessary antivirus and malware software. All the new owner had to do was register the software to activate it for a year. They didn't and the machine had been running on the web unprotected for about three months. The computer was slow because it was too busy running malware to be bothered to do what the owner wanted and it had enough viruses to keep a bacteriologist happy for months. It took several days of hard work to get rid of them all and clean up the system and the owner's plea that it didn't seem important fell on deaf ears.

I have bought myself a Sony e-book reader. They are not all they are cracked up to be but they can contain a lot of books both e-books and audio books or music. For people like me who find it difficult to sleep they are a boon because with the addition of a small LED light, you can read in the dark or by plugging in a set of head phones (ear buds will do) you can listen to soothing music and read at the same time. I can also imagine that for long haul flights they could be an essential accessory as they have a long battery life (7,000+ page turnings) but I haven't yet had chance to find out how many songs/audio books they can play before the battery runs out. As they are recharged by the 5 volt USB system and only need a 4 hr charge from fully exhausted then there are many ways a traveller can find to refresh the charge in his reader's battery.

I have been offered some holly logs and that has spurred me on to clear all the rubbish out of my workshop. I am hoping I can disinter the two lathes that are in there and try to re-learn how to turn wood. There is nothing that cheers me more than something I have made giving pleasure to someone else so watch this space to see how I get on.








Thursday, 8 July 2010

Home Again

Yesterday I brought my wife home from the hospital ending what seems to have been the longest loneliest period of my life. My next task is to take us both away for a few days for a bit of pampering in a hotel by the sea. This time I have two new toys to play with. The first is a CamCorder which I haven't had before - I used to use my SLR to record videos. The second is a 3G dongle that should allow me to keep in touch with the world from my hotel room without incurring sky high charges for using the hotel's WiFi connection.

While she was in hospital, my wife used the dongle and her notebook to keep in touch with me in real time using Yahoo Messenger. It made the world of difference to how she felt and to how she was able to keep in touch with the world outside. When you are in hospital for any length of time, you crave for contact with the outside world. These dongles make it possible AND cost less than a mobile phone to run. From the other patients' point of view there are no annoying ring tones or someone talking. Typing on a laptop is almost silent so it annoys no one.

I only use a fraction of what one of these dongles can do as they can easily allow you to browse the web, download and watch streamed programs, use iPlayer or spend a fortune on eBay. When I am away from home I can collect my email, check my bank accounts and talk on Yahoo with anyone I need to (a friend looks after our animals while we are away and calls to reassure us that all is well).

The learning curve for the CamCorder is going to be a steep one as mine is not sophisticated with anti shake and all sorts of other twiddly bits. I'll let you know how I get on when we come home.