A few more spotify invites

I might never post to my blog, but at least I post all my spotify invites. :-)

Grab whatever you need:

1. B2hjaV8ajZhqT7hH
2. 6Bx4F8ekP6Kbbh3P
3. D77bJWMfZdDH6Kc9
4. T9aiRVxcNgfxEs4A
5. XbZCPcx8t5MBhy7q
6. eC46Hz3Gxxg9nsz2
7. G6HZP2wfqtMAWUeR
8. eY5s9sxHU458Tcmf
9. VX9wS7teuPJ2kNhz

Even more Spotify invites

The last ten invites I posted for access to the Spotify.com beta have all been used. Should you still need an invite, here go ten more: [Edit: All invites have been taken. More to come]

Successful migration from Wordpress to Blogger and Google Apps

Introduction

The following path outlines my successful migration from a custom hosted wordpress blog (not on wordpress.com) to a blog on Blogger and E-mail on Google Apps.

The reason to do this migration was that my old hosting was slow and unreliable, and I wanted a maintenance free and cheap hosting solution for both blog and e-mail. Google’s solutions were chosen over e.g. corresponding Microsoft Live products, mostly due to the excellent webmail interface Gmail offers.

The examples below use akselvoll.net, this domain, as example.

Starting point

1. Domain (akselvoll.net) registered with Godaddy.com
   • Generally satisfied
2. E-mail and webhosting with dream-hosting.co.uk
   • Extremely cheap (9,99 GPB / year) but very unreliable (downtime several times per week)
   • cPanel based hosting (11.24.4-RELEASE) – very flexible but mostly untouched
   • Wordpress (2.7.1)
   • Approximately ten e-mail forwards (no hosted e-mail)

Goal

In general, keep current domain registrar and move all other hosting to managed services (SaaS) to minimize configuration and management time, while at the same time increasing security and availability.

All content should be migrated to the new platform (although new URLs for blog entries was expected).

Chosen applications:

1. Godaddy as domain registrar and for DNS
2. Blogger for weblog hosting
3. Google Apps for mail forwarding and optionally (on a user to user basis) as primary mail account.

Step 1: DNS migration

DNS is probably set to a server controlled by the old web host. First step is to enter Godaddy Domain Manager and choose “Hosting nameservers”. Shortly thereafter (a couple of minutes) “Total DNS Control and MX Records” will be available. Enter the following settings to temporarily replicate the old hosting:

Record type	Host	To	TTL	Comments
A	@	<OLD ID>	1/2 hour	Root of domain (akselvoll.net) to old hosting
CNAME	www	akselvoll.net	1/ 2 hour	Pointing www.akselvoll.net to akselvoll.net
MX (priority 0)	@	akselvoll.net	1/2 hour	Sending mail to old hosting

All other default Godaddy entries should be deleted.

Note that now the DNS server had been switched. The only downtime would be for clients running NSLookup in the timespan from changing DNS servers until the servers are properly configured.

Also note that all TTL’s are set to the minimum value (1/2 hour) to be able to switch over to the new services later as quickly as possible, minimizing DNS propagation time.

Step 2: Blog migration

Create a new blog on Blogger, using default settings for most choices. Then migrate contents from the Wordpress blog using the tool blogsync-java. A couple of tips and remarks regarding this process:

1. The complete JDK from Sun seems to be necessary to run this tool.
2. Edit the run.bat file of blogsync to reflect your jdk installation path (the second to last line?)
3. Important: Settings are not properly saved in blogsync. Enter your wordpress and blogger logins, press save and then exit and reopen the application, before you try to run it.
4. Blogger seems to limit the number of items you can create automatically per day. In my case I hit this limit when three posts remained, and I simply migrated those (copy/paste) manually.
5. Wordpress hosted images are not properly migrated. You need to download those and upload to blogger and fix your posts manually.
6. Comments are not migrated.

Step 3: Taking the new blog live

I took the blog live before Google Apps, because several posts on the internet indicated that the opposite would not work. Most of those posts were rather old, though, so I don’t know if this is still an issue.

When the blog is more or less ready, set it up to be reached through the domain url. This is done by following the instructions in the Publishing settings in Blogger. Important: To work correctly with Godaddy DNS, set up www.akselvoll.net as the publishing URL, not akselvoll.net. This redirect will be set up later. The reason for this is that if you set up a CNAME for the root of your domain in Godaddy (and possibly other DNS servers), this will also redirect your MX lookups, and thus disable your email.

The resulting DNS setting in Godaddy are as follows:

Record type	Host	To	TTL
CNAME	www	ghs.google.com	1/2 hour

Note that a short TTL is used on all DNS settings until the setup is testing and working, to limit the duration of any errors (and yes, I had some, not documented here :)).

The blog is now live on the url www.akselvoll.net. Next step is to set it up to respond on akselvoll.net as well.

Step 4: Setting up redirection from root of domain

To set up proper redirection from akselvoll.net to www.akselvoll.net, Godaddy’s own mechanism is used, to circumvent the above mentioned CNAME / MX problem.

Instructions, as obtained through tech support, are as follows. Set up an A record from the root of your domain to Godaddy’s forwarder IP, “64.202.189.170”. Then use the “Forwarding” options available in the Domain Manager, and forward to http://www.akselvoll.net [Edit: Do not include a trailing slash (/) in the forward URL as this may give you double slashes and HTTP 400 Bad Request errors.] I chose to use “301 Moved Permanently” for desired search engine indexing, convinced by this page.

The DNS setting is as follows:

Record type	Host	To	TTL
A	@	64.202.189.170	1/2 hour

Step 5: Testing before mail migration

Now is a good time to test that your blog is live on www.akselvoll.net and akselvoll.net. You should also test that e-mail is still delivered to the old account.

If you have problem accessing through the new URL, this may be due to DNS propagation. I recommend using http://www.network-tools.com/ for checking the DNS records, and http://www.hidemyass.com/ for accessing your site easily through a proxy.

Step 6: Signing up for Google Apps

Sign up for Google Apps Standard Edition here. Follow the instructions for setting up the domain and e-mail, but choose to set up domain later when asked. The reason for this is that you want to configure any e-mail redirections before you start receiving mail.

When your Google Apps account is working, configure an email account for each user that needs either a mail account or forwarding. Note, though, that you can create several aliases per user, in case you want to forward several addresses to the same destination. (There is no forwarding without an account.)

To set up forwarding, log on to each of the accounts, enter Settings –> Forwarding and POP/IMAP. Enable the forward option, enter the email address to forward to and choose whether you want to leave forwarded mail on the current account or not.

Step 7: Start receiving email on Google Apps

Enter e-mail settings in your Google Apps account, and select the option for activating e-mail. This should be fairly straight forward, and your DNS settings should be similar to the ones shown below:

Record type	Host	To	TTL
MX (priority 10)	@	aspmx.l.google.com.	1/2 hour
MX (priority 20)	@	alt1.aspmx.l.google.com.	1/2 hour
MX (priority 30)	@	alt2.aspmx.l.google.com.	1/2 hour
MX (priority 40)	@	aspmx2.googlemail.com.	1/2 hour
MX (priority 50)	@	aspmx3.googlemail.com.	1/2 hour

I’m unsure to whether the trailing dots are necessary, but this is how Google instructs and it is working. Also note that I still choose to set TTL to 1/2 hour, in case anything is incorrect.

Step 8: Test email

You should now test that email is properly received / forwarded on Google Apps. It is also wise to double check your blog (with and without www) at this time.

Step 9: Increase TTL on DNS records

If you now feel sure that email and blog is correctly set up, you should increase the TTL on all DNS records, to improve caching and performance. I recommend setting all records to 1 Day or 1 Week. If you later plan to do any changes, this is the maximum time that your DNS records will be kept in any cache. Prior to doing any later changes, you should reduce them all to 1/2 hour again, and then wait for a few days, to be able to move quickly.

Step 10: Set up and an SPF record

To ensure that your outgoing Google Apps mail is not marked as spam, you should set up an SPF record. Google Apps provide instructions for this; in short you should set up the following SPF record: “v=spf1 include:aspmx.googlemail.com ~all”.

To do this in Godaddy total DNS is easy yet not intuitive.

1. Click “Add new SPF record” in the total DNS control.
2. Choose “an ISP or other mail provider” and click OK.
3. Click the tab “Outsourced” and enter "aspmx.googlemail.com” in the textbox. Leave “Exclude all hosts not specified here ( -all )” unchecked and click OK.

This should give you a DNS record as shown below:

Record type	Host	To	TTL
TXT	@	v=spf1 include:aspmx.googlemail.com ~all	1 Day

To test your SPF record, the easiest way is to send an email to check-auth@verifier.port25.com. You should shortly after receive an authorization report to your email, hopefully with SPF: pass. If this does not work, Google for other ways to test SPF.

Step 11: Migrate mail

If you plan on using mail accounts on your domain (not just forwarding), you should look into Settings –> Accounts on your mail account. To migrate from Gmail the procedure is as follows:

1. Enter your (old) Gmail account, select Settings –> Forwarding and POP/IMAP and enable POP for all mail.
2. Enter your (new) Google Apps account, select Settings –> Accounts and click “Add a mail account you own”.
3. Enter your Gmail address, and accept all default values. Enter your password and click ok.
4. Respond to whether you want to be able to send outgoing mail from that address and, if so, follow the instructions.

The whole migrate process can take a couple of days. When this is done, I recommend disabling the account in your Google Apps, and simply set up forwarding from the Gmail account.

Conclusion

You should now have moved your mail and blog to free Google services, hopefully without much downtime. If you have any questions, please comment to this article or mail me (if you can guess my address :)).

More Spotify invites

Edit: All invites have been taken. More will be posted soon

I recently posted six Spotify invites. I have now gotten ten more, so here they go.

1. 6iJyN7iuumy3CfqK


2. Xq2GYFhy4YKAVSUi


3. JSBPn9PUpJ6p2xAR


4. 9wUTSLbMw5MBSn52


5. 7dNLtfHz6uHNXgUT


6. w8mzwtMP3M4hBqtG


7. xf7ENKwVb5kGFCzh


8. 8ukpnqwNMi7PCbH7


9. gpzVwRWEhwKG2DEY


10. 3YBBe2FMw5SYeqMj

If the first one doesn’t work, try the second one etc. (And feel free to tell which are taken or even post more in the comments).

Spotify invites

Edit: All invites have been taken. I might post more later.

Feel free to grab a Spotify.com invite if you don’t already have one. If one fails, try the next on the list.

• VyHkdcCHb6TspB7U


• dskxzDyqU4SyCyFN


• yCsuuViMazBAMYEL


• xRDRaZtXXjj4qRKB


• 2fRu7E7hy5TG358p


• zGJxBkiGchaKFxR7

Incredible incompetency

[Disclaimer: This article is only based on information available through the Norwegian media (thus the links in Norwegian). It’s accuracy is limited to their accuracy combined with my personal understanding of the matter.]

Thursday the 12th of March, more than 1000 computers belonging to the Norwegian police were infected by the computer virus Conficker.

Stop and think! Self-updating, remote controllable, known to be malicious code running on the police’s computers. Maybe they were all innocent workstations with no important information?

I’m afraid not. According to reports, the systems for daily operations of the police departments were unavailable. Passports could not be emitted. Border controls could not check visitors passports against their registries. The unavailability of these services is probably bad, but this also means that this malicious code running on their computers had open access to information about criminal cases, filings, citizen databases, etc.

So, how did this happen?

The Conficker worm spreads through a buffer overflow error in most versions of the Windows operating system. This error was fixed in a critical patch released by Microsoft the 23rd of October 2008.

Why didn’t the police install this patch on their computers? They host their system on Windows NT 4.0. This is an operating system released by Microsoft in 1996 that had it’s last available support agreement terminated in 2004. By the end of that year, Microsoft stopped fixing known security vulnerabilities in the OS, and stopped testing it against new vulnerabilities.

Running NT 4.0 in 2009 is stupid. Using it for hosting operational systems with extremely confidential data and high availability demands is neglect.

So, how did they handle this crisis? Did they shut down all systems with suspected infection and wiped their hard drives with a fresh image that had gotten the vulnerable services secured?

According to the press, the virus continued spreading today and has made systems respond slowly. Espen Strai from Politiets data- og materielltjeneste (PDMT) [The police service for data and equipment] has explained that “the challenge is to shut down the infected PC’s and run antivirus programs while the system is still running”.

You cannot trust a computer once it has executed malware. The only option to clean it reliably is to wipe the drive and install an image that is known to be clean.

I don’t know the complete picture behind this story, nor have I read all of the vast information available in the press. But it is clear that this is a serious case of neglect and I personally hope that criminal charges will be filed against the ones responsible for keeping alive this fundamentally insecure and antiquated system.

How to integrate Spotify into Last.fm

Trick to get direct links to Spotify searches from the Last.fm web page (very useful for e.g. your personal recommendations):

1. Install Greasemonkey: https://addons.mozilla.org/en-US/firefox/addon/748
2. Install this script: http://emil.hesslow.se/spotify/spotify__lastfm.user.js

Note the little green notes you now get next to artists, albums etc.