Page 1 of full list of posts


Securing boyet.com, part 2: secondboyet

Just a quick update after starting this series a couple of months ago: secondboyet.com is now secure and, even better, gets an A+ from securityheaders.com . Even, gasp, the Content Security Policy . I will fully admit here that, because secondboyet.com is a pure static site (to remind readers who are unfamiliar with this, the site is generated using CityDesk, a well-dead-and-pushing-up-the-daisies-but-still-working app for creating blogs and websites), all I had to do was a cycle of visiting the...

READ MORE

GoDaddy shared Windows hosting compromised

A week or so ago, I talked briefly about some issues I was having with this blog and my previous static site on GoDaddy’s shared Windows hosting (the Deluxe version if you’re interested). It involves mysterious PHP files and modifications to my web.config files. Background For me GoDaddy shared Windows hosting has always been about hosting my blog on an IIS instance. The blog is an ASP.NET application called GraffitiCMS, open-sourced a few years back , although I’ve now altered the code quite a bit...

READ MORE

Scammy auto warranties, part 4,268 (approx)

Amazingly, my most popular post here on my blog has nothing to do with algorithms or data structures or Javascript or indeed anything to do with programming. It’s a post I whipped up 3 years ago about buying my wife’s Acura off the lease and then getting bombarded with dodgy and scammy “Auto Warranty” postcards and letters. Well, it happened again. Not because of buying a car off a lease, but even better. Quick bit of background: a month or so ago, my wife was called out to Fountain, which is just...

READ MORE

Securing boyet.com, part 1: static sites

Sounds simple, right? After all, I’ve babbled on about how to secure your web sites this past few months, both for AWS and Azure , so it should be a piece of cake for boyet.com. Right? Well, unfortunately, no. Thing is, I bought boyet.com 20 years ago in November, and, after using TDMWeb (which was owned by the publisher/editor of The Delphi Magazine , for which I wrote algorithm articles) as hosting for a while, I switched to GoDaddy . And then proceeded to mess things up by taking advantage of...

READ MORE

Moneyspire, a month later: the UX

(This post follows on from a couple of earlier ones, one , two , as I seek to replace Microsoft Money for my personal financial accounts.) In my main job, I work for DevExpress , a company that designs and writes user interface components for other programmers to use in creating the visual aspect to their applications. Controls like menus, ribbons, grids, charts, dashboards, reporting, what have you. We spend a lot of time in the design phase, working out how a particular control should work, not...

READ MORE

MicroCobol programming cheat sheet

And in today’s lunchtime blast from the past: a Summary Card for the programming language MicroCobol from my very first job as a programmer. “Do what?,” I can hear my developer audience from here. “WTF is MicroCobol?” Well, sit yourself comfortably and listen up. Pages 1 & 2 After getting my degree in Mathematics, I decided that the programming life was for me. I joined a company called CAP-CPP (the CAP stood for “Computer Analysts and Programmers” but the CPP bit eludes me), and they immediately...

READ MORE

Content Security Policy is hard, and then there’s Pinterest and AddThis

Over the past month, I’ve embarked on an update of my blogging sites to make them secure. All told, I maintain three, all using GraffitiCMS as the backend: this site, 64SAINT.com , and my wife’s crafting site. This site? Well, yes, it’s going to be a complete bear to do, mainly because it’s in two parts: the current GraffitiCMS blog (which you’re reading now, hosted on blog.boyet.com) and my old static blog site (hosted on www.boyet.com). I’m still unsure as to how I’m going to do this, or even how...

READ MORE

Fixing the import from MS Money to Moneyspire

Waaaay back when, in early 2017, I published a small series ( one , two ) on replacements for Microsoft Money . One app which almost made the grade was Moneyspire . However, even that had some issues, of which one was insurmountable at the time: transfers between accounts were imported twice, making the end result of setting up your accounts in Moneyspire a complete and utter mess. I abandoned the move and continued using Money. Nevertheless, Moneyspire improved in the interim and I paid for the...

READ MORE

Sint-Annatunnel, the Antwerp Underpass

This week is Techorama, a developer conference in Antwerp. I’m here helping out at the booth, but because of travel requirements, making sure I was here on time, etc, I arrived in Antwerp the day before. Time to be a tourist, especially as I couldn’t check into the hotel until 3pm. One of the sights I had decided last week to see for myself was the pedestrian tunnel, Sint-Annatunnel (Saint Anna’s Tunnel), that goes underneath the River Scheldt from one bank to the other. Useful stats It is pretty...

READ MORE

CORS and MIME types

Direct, it seems, from the pit of “Code bugs only manifest themselves when you least expect them” horrors, comes this doozy. If you have read a couple of recent blogs posts you’ll know that I’ve been slowly, step by step, making my various domains secure. (This one is the worst offender, but is also going to take the most effort because of *cough* GoDaddy *cough*, and its peculiar rules regarding SSL certificates.) One of the recent ones was my URL shortening domain jmbk.nl . Five years ago, I wrote...

READ MORE