Congressman Mike McIntyre has come back to us to refresh the website we did for him in 2008. The new site, branded Mike Works for Me, will feature a video blog of 7th district citizens and ways Congressman McIntyre has worked for them.

Visit the new site: http://www.mikeworksforme.com.

Great news on the development front. Wordpress 3.0 codenamed Thelonious has hit the distribution shelf. You can download it at www.wordpress.org.

Wordpress 3.0 brings a sleek and sexy menu management feature along with a host of other features from convenience fixes to major additions.

If you’re an O3 client, you may notice an upgrade flag in your Wordpress Dashboard. Don’t worry, we’ll get around to upgrading everyone with due time. We’ll likely wait for the first minor release (3.01) before upgrading across the board.

All new O3 clients will begin to take advantage of Wordpress 3.0 immediately! Any questions or concerns, by all means, contact us!

We’re happy to say we’ve just released a brand new website for the Center for International Understanding. Check it out.

Brian Onorio is a Caldwell Fellow himself. So when the program began looking for a company to assemble the program’s online newsletter, Brian happily volunteered O3. www.caldwellfellows.com

We had the pleasure of working with Eddie Goodall and Paul Norcross in launching the new website for the NC Alliance for Public Charter Schools, www.nccharters.org.

O3 has certainly carved out a political niche. The NC Republican Senate Committee has gone with us to get their next generation site up and running. Tell us what you think!

After doing the website for Thom Goolsby’s bid for NC Senate, O3 has designed and developed a new website for his law firm, The Goolsby Law Firm.

The Wordpress Hidden Link Injection exploit has been the cause of concern for many users who use Wordpress on a daily basis. For those unfamiliar with the issue, the attack inserts links into the files of your active Wordpress theme mostly pointing to adult material elsewhere on the web. The links are completely hidden from view so you may never know about them and nor will your visitors. But the search engine spiders will certainly pick them up – and penalize you for it.

Detection
Seeing if your Wordpress install has been compromised is easy. Simply view the source of your homepage and look for any code that does not belong. Check near the top and near the bottom of the file as this is the place I’ve found the hidden links to mostly exist. They’re also usually wrapped in HTML comments.

<!--s-->
<u style="display: none">
<a href="some_url">Some website 1</a>
<a href="some_url">Some website 2</a>
...
<a href="some_url">Some website n</a>
</u>
<!--e-->

If you see code like that, chances are, you are a victim of the Wordpress Hidden Link Injection exploit.

How are “they” doing this?
Apparently, there was a security hole in Wordpress versions 2.8.x that allowed outside users to hijack the /wp-admin/upload.php file and insert files on your server that could be used for all sorts of malicious purposes. One of those purposes is the hidden link injection. Wordpress 2.9 fixed this hole, however, simply upgrading is not enough. Outside users will no longer be able to hijack upload.php but the files that they have already inserted will still orchestrate the attack.

That’s why simply removing the links from header.php or footer.php (the two places I’ve seen the links) is not enough. You’ll notice that the links will simply reappear. We’ve got to treat the disease now, not just the symptom.

Fixing the problem
First and foremost, always keep your Wordpress install up-to-date! Updating could not be any easier. Simply click on the alert that appears at the top of your Dashboard and follow the instructions. It takes literally 10 seconds.

Next, change the admin Wordpress user’s password. Also change your MySQL user’s password.

Lastly, find the files that have been inserted by the exploit via upload.php. I have found two separate instances of these files, both located in the wp-includes folder. Check the permissions of each of the files in wp-includes and investigate any file that has 777 permission (that’s your first clue that something is wrong). class-rss.php and feed-atom2.php are two files that I have seen cause issues. Cleverly named files. These two files are not native to the Wordpress codebase and can be safely removed. If you were to open either of these files and know a bit of PHP, you’ll see that these files are certainly the culprit.

Going through these steps should safeguard your Wordpress installation against the hidden link injection exploit.

Stay vigilant
Just because we’ve fixed this does not guarantee that you’ll be immune forever. Hackers are constantly looking for newer and better ways to tear stuff up. Wordpress has been exceptionally good at patching security issues, but someone somewhere has to be the guinea pig to get hit with an attack – and then report it to Wordpress.

One great plugin I’ve begun to use is Wordpress File Monitor. This plugin scans your Wordpress installation and reports if any files have been added, deleted, or changed. The plugin is customizable to run on a schedule that you set. You can also exclude directories from the plugin’s reporting so that you’re not alerted every time you upload a picture to insert into a post. I, however, recommend that you do not exclude directories as that directory may be the next location of the next exploit.

Today we launched Thom Goolsby’s online State Senate Campaign! Thom’s website certainly ranks among the better of the State Senate Campaign websites and I’d venture to say that it’s better than a good portion of the US House Campaign websites as well. Of course, my opinion is clearly biased!

We wish Thom Goolsby the best of luck as he looks to represent New Hanover County in 2011.

A Viable Tablet

Rumor has it that Apple will be announcing the iSlate later this month. Speculation is that it will feature a 10″ touchscreen and look like an enlarged iPhone. That’s all well and good, but I’ve gotten no indication to actually what this machine will actually do.

On the other hand, The Microsoft Courier, still not a confirmed product, has some quite interesting “leaked” videos available. The feature set in this utility make it a must buy for me. That is, if Apple doesn’t beat them to the punch.

Solution to Web Fonts – More Realistically Hoeffler-Jones Foundry to Typekit

I’ve written signiciantly about the web font problem. Playing it safe, many developers will choose to use one of the 6 or 7 standard web fonts to ensure that their site renders in all browsers across all platforms. The result is mundane and ugly websites. Alternatives include capturing images of specialized fonts – but that’s not good for actual copy, using a replacement utility like sIFR or Cufon – but that results in ugly code and requires the use of javascript or flash to render, or using a commercial service like Typekit – which provides a lot of quality fonts, but you’re still limited.

I don’t see a solution coming this year, but I’d settle with the Hoeffler-Jones Foundry signing on with Typekit.

Total Decommission and Destruction of IE6

Ok, this isn’t realistic at all, but one can dream…

Chrome OS

The Cloud is sexy. The Cloud is in. The next thing to move to it is, well, the entire operating system of a computer. Imagine only needing to buy shells of computers: a display and a box with a motherboard, network card, video card, and sound card. Maybe some RAM, but drastically less than what we need now. And then being able to boot that computer up and pulling your applications, your documents, your music, everything from computers in the sky. Then go to the local library and boot up their shell computer and have it pull the exact same information to that computer as well. The possibilities seem absolutely endless, until your RoadRunner service gets bogged down with all the network traffic and opening Microsoft Word feels like pulling up The New York Times with a 56K modem…

Tethering to AT&T

I don’t care how many commercials you put up featuring Luke Wilson – and besides, the commercials aren’t convincing at all… we iPhone owners know that AT&T certainly is not the best service available. AT&T needs to pony up on promises it has long forgotten. GIVE US TETHERING!

Smart Phone Video Conferencing

Maybe with the next generation iPhone – or with the Google Nexus One – we’ll get a decent video conferencing handset. Rumors for the next iPhone say that the camera has been put on the front of the device, not the back specifically for this purpose. I would imagine that there would either need to be 2 cameras (one for photos on the back of the camera so you can see what you’re shooting) and one on the front for video conferencing, or have the camera be dual use and flippable from front to back.

Wordpress 3.0

We’re up to 2.9.1 and hopefully, 3.0 takes Wordpress into full bona-fide CMS as opposed to simply a blogging platform. Developers like us (because we’re smart) can make Wordpress do what we want it to do anyway, but it’d be nice for most of those features to be done natively as opposed to custom developing or finding unsupported plugins to do the trick.

Timeline View for Facebook

Looking at status messages of years back – make that months back – no, days back can sometimes take forever clicking more posts over and over and over again until you find what you need… I’d like an archive view to come to Facebook if for no other reason that just because I want to be able to increase the efficiency of my Internet stalking

Google Tasks 2.0

I love Google but their Tasks service is lacking. I want tasks built into GMail and Calendars, have alerts on days that tasks are due and I want that syncable to smartphones. That’s not too much to ask!

Increased HTML5 Support

This would be nice. But I have a feeling that we’ll never fully be able to move to HTML5 until certain browsers are done away with…

A lot of pomp and circumstance went into the release of Apple’s new Magic Mouse. I’m a sucker for Apple’s products (and at times, gimmicks) so I bought one. Personally, I love it. Half of that is because the Mighty Mouse was pretty weak stuff so the Magic Mouse was leaps and bounds ahead of it’s predecessor, at least relatively. It still doesn’t offer as many hand gestures as the MacBook Pro’s Trackpad, but it does a decent job.

Read more »

Well… kind of. For the first time, Firefox 3.5 has more users than any one version of competing browsers.

Read more »

O3 is happy to announce that our Wordpress widget – Social Gator – has hit the Wordpress Plugin Repository!

Read more »

The status update – where are you and what are you doing. Today, we live our lives online with social networks such as Facebook and Twitter, photo sharing services like Shutterfly and Picasa, and, most recently, with mobile phone apps that now remove the need to type out exactly where you are – it already knows.

Read more »

We’ve all seen terrible movies like White Noise before where the basic premise is that unsettled souls exist all around us and communicate through various disturbances in electronic communication. Yes, their plot line is that my great-great-grandfather can talk to me through my Kitchenaid Mixer. Sure.

Read more »

The News & Observer is reporting that bad economic times are the best time to promote a business. This concept is something that we here at O3 Strategies are keenly aware.

Read more »

I wanted to post a follow up to August’s post title “Brett Favre the IE6 of football.” Well how wrong were we?!

Read more »

We’re starting a new tradition at O3 Strategies and the beneficiary will be you! This year, we’re redefining who Santa Claus is. He won’t have to worry about fitting his rotund frame down your chimney as he will be able to connect your chimney to the world via the miracles of modern technology.

If you’re interested (and why wouldn’t you be?) then head on over to our Holiday Website Giveaway Entry Form and fill it out. Don’t stop there, send this to your friends and family who own or operate businesses and let them have a shot at it too. Entry is completely free!

Read more »

Google announces its first series of testers amid tons of pop and circumstance. Apparently, Google Wave is supposed to transform the way we communicate. But so far, only 100,000 people get to actually check it out. If you’re like me, you’re stuck watching those hour long videos that Google posted earlier this year on what Google Wave actually sets out to do. But the videos are dry and academic. So to give you a taste of what it’s supposed to be, check out this video that dissects Google Wave.

Read more »

Crate & Barrel, besides being one of my favorite stores, has a new shopping cart system that is quite good. In fact, it’s probably one of the best shopping cart systems I’ve seen on the Internet. Read more »

How did we obtain somewhat trivial information that was nonetheless pertinent to everyday life? Without Google, Wikipedia, and other new age intelligence devices, how did we get by?

Read more »

Brett Favre is a Viking, pending a physical.

Once considered perhaps the greatest current version, this faulty, quirky, and bug prone passer has become the entity that just won’t go away.

Read more »

In reference to my complete ditch of Microsoft Outlook, I must say that life in the cloud isn’t always, well, sunny. Sometimes, it’s downright… cloudy… This morning, I’m making reservations for a business dinner and I pull up my trusty Google Calendar… only to see this:

Read more »

This post is Part I in a series I’ll be doing on Google Analytics. Today, we’ll center on who visits your site and where they came from.

There is certainly power in knowing. When dealing with a website, a statement couldn’t be more true. Knowing who is visiting your website, what pages they’re clicking, the paths they’re taking to get there, and generally what they’re doing on your site can be absolutely invaluable when fine tuning to turn your virtual reality into real money.

Today, we’re going to look at the most popular website analytics package out there in Google Analytics. We’ll do a step-by-step approach to help you understand the terminology, what it means, and finally what you should do about it.

We’re going to do a case study on the most visited site we have in our profile: StateFansNation.com

Read more »

Outlook. By far the best e-mail client out there, but saying that is like saying you’re the tallest of the Seven Dwarfs. Not much. I’ve used it because it’s basically been the defacto standard since the proliferation of e-mail.

Hi, I’m Brian, and I’m an Outlookaholic.

Today, I have good news. If you follow this easy 5 step program, you too can be rid of Outlook and all fo the headaches that come along with it.

Read more »