I just fixed a bug regarding character encoding in the RssListener.
The way I loaded the news feed into the XML parser broke the character encoding in the parser.
This also had me verify that right to left languages works as expected.
Thanks to my coworker who happens to read the same language that prompted the bug report!
I don’t have time to make a proper release for a couple of days due to my kids school ending for the summer.
If you feel brave and really want a better RssListener you can test my debug version that is here: logview4net_Debug.zip until I make a proper release.
Big thanks to the user who gave me the bug report.
I think I have annoyed enough users and it is not worth the money.
The big download button now gives you a clean installer without bundled software.
There is still a link to the installer with software offers that you can use if you feel brave and generous.
The latest software offers that obfuscates the cancel and decline buttons by making them look disabled are really nasty. I could still sleep knowing some users might feel tricked into install crap, but having a large user base feeling forced to accept it is not very pleasant.
I appreciate all you users who have downloaded and installed logview4net even though it currently has a horrible installer that more or less forces you to install a lot of crap.
Please note that you can click the grey ‘Cancel’ and ‘Decline’ buttons even though they look disabled.
If you’d rather have a clean installer you can use the link bellow the button.
I will remove the software bundle as soon as I make it enough to get paid from InstallMonetizer.
This week I got a very nice donation so I plan to buy a code signing certificate to make the installer look less suspicious to the browsers.
It has been a hectic couple of weeks trying to keep ahead of the script kiddie who has been vandalizing my sites.
I’m still not sure if it is one of my sites or Dreamhost as a whole that has been compromised but my sites there are trashed within minutes after I fix them.
A part from the vulnerability in it self the main factor for my troubles are that Dreamhost is running Apache under my user account. Since I have permission to alter all my files so does Apache.
A simple directory traversal will give an attacker access to all my sites under the compromised account.
I’ve now moved most of the attacked sites to a VPS where I have better control. Considering all time I’ve spent cleaning up after attacks I think it will be cheaper to admin a whole server.
I got a warning from Dreamhost on 2012-02-15 that this site might be compromised due to a flaw in the theme I am using for WordPress.
I haven’t found any malicious code, but just to be sure:
If you have downloaded an installer for logview4net from here, please run an anti virus scanner on your computer.
I have re-uploaded new installers so they should be fine now, but I was in a bit of panic mode so I didn’t check the old ones before I deleted them. There is probably nothing to worry about, and most downloads are from uncompromised files at SourceForge.
If you see something weird on the site, or get malware warnings, please let me know.