OpsanBlog

Yellow!

I just have to share:

Shrinking the Transaction Log File

Seems my database has been a bit busy, scraping comment spam out of the content table and archiving them for future reference. Each scrape and move is a transaction, which gets stored in the transaction log file for the blog database.

I had a disk space issue (i.e., too much trance), a backup failed and the transaction log failed to back up. Upon that failure, the log didn’t get truncated, so it grew out of control.

A quick Bing Search for "sql server shrink database" and I uncovered "How to use the DBCC SHRINKFILE statement to shrink the transaction log file in SQL Server 2005".

Subjunctive Identity Theft .. From American Express?

Say it ain’t so. Please. First of all, what is the subjunctive?

Subjunctive: a grammatical mood that expresses doubts, wishes and possibilities.

I also think of it as:

That which has not happened, but is in the realm of possibility.

Either definition, I titled this post thusly to describe a scenario I just experienced.

• I pick up a voice mail from American Express, for a "non-sales purpose" (meaning, it’s not a marketing call). The recorded caller gives me a toll-free number.
• I call the number, where I get a sparkly answering machine that sing-songs "American Express" to me and puts a representative on the line. The first thing the representative says: "May I have your account number?".
• Umm .. I realize the process simply cannot start until I identify myself to the representative, but I am not about to give my account number in response to a voice mail with a toll-free number I don’t recognize.
• I advise the representative I am responding to a voice mail from their office and that I’m not comfortable giving her my account number. I ask if I could give her my name and have her look me up that way.

She says she cannot.

• I ask her why my phone number (which is not blocked) hasn’t identified me to their system.

She says this particular toll-free number doesn’t have that kind of detection.

• I express my concern about this and suggest that this is a process that is rife with privacy and account risks.

She is apologetic.

• Finally, I ask if I may call the phone number on the back of my American Express card to ensure I’m connected to their system.

She says that would be fine.

• I dial in, get the same sing-song "American Express" and press keys to get another representative. I explain the situation to her and she asks me for my card number.
• I reiterate my concern about the previous call.

She is apologetic.

• As I know I’m speaking with the legitimate system, I will give her the card number for the affected account.
• Note that I have three American Express cards, and there was no indication of which card was affected.
• I give her a card number.
• She confirms my zip code and another data point to confirm I’m who I say I am.
• She busily cross-references my other accounts and finds the card with the activity that generated the call.
• She describes erroneous data entry; specifically, the clerk fat-fingered my zip code on a recent purchase (coincidentally, woman’s shorts, from my recent coffee mishap, actually).

I confirmed I had made the purchase and thanked her for her diligence and we were finished. However, their process has severe security flaws:

• Initial contact made by an automated voice mail. Note that anyone could have made the initiating call, and setting up a ‘drop’ (someone to pick up and role-play these questions) is trivial these days.
• The voice mail doesn’t contain a unique case identifier. This would allow representative cross-reference the proper account once the customer calls in.
• The first question asked is "what is your account number". Bollocks. See above.
• No way for the representative to cross-reference accounts without an account number. If the representative had read certain data back to me to confirm my identity, I’d have been more comfortable with the call.

You could liken this to getting phished in an email with the subject line of "Your account is at risk" with a URL to click or phone number to dial in.

American Express: This is broken. Please fix it.

Credit card holders: this is a risk. Be very, very careful giving credit card information over the phone. Be hard on the companies who ask you for this kind of information without proper safeguards.

What is your Autism Quotient?

Newsweek points me to "The Autism Spectrum Quotient", with interesting results.

So, you have your first apartment ..

.. or still live in your Mom’s basement.

No need for the babe you met at the drive-in window of Jack in the Box to not think you’re a player who owns a crib with a view.

Well, finances, that is.

Teasing. This works for the player above, or for the artsy urbanite; Adam Frank brings us "Reveal":

WikipediaGate. So: Why is it called "Gate"?

Okay, I know. I’m from the ‘Watergate‘ era, during the Nixon years.

Since then, we’ve had:

• NannyGate (hiring a sitter and failing to pay payroll taxes)
• NippleGate (The unfortunate ‘wardrobe malfunction‘ at Super Bowl XXXVIII, starring Janet Jackson and Justin Timberlake)
• .. there was even a GoogleGate, back in 2005.

Now I’m hearing WikipediaGate.

Essentially, it describes the situation created when an article is edited to benefit an individual or organization. This could be someone who writes their own, inflating their contributions, an organization removing unfavorable bits about itself (or hiding the truth entirely), or any number of similar, FBO entries.

Up until recently, most anyone with an account could edit an article on Wikipedia. Entries and updates were rudimentarily tracked.

Then, along came WikiScanner, a nifty tool that tracks who (by IP and other means) posted what, when and where.

Allegedly, CIA and FBI computers were used to edit posts in Wikipedia. Topics include the Iraq situation and the prison at Guantanamo.

Not that I’m political (I’m really not), but: why would the government want to change articles?

As the changes will likely violate Wikipedia’s conflict-of-interest guidelines (duh), I suspect we’ll hear more about this by the outraged web as time goes by.

Reuters: "CIA, FBI computers used for Wikipedia edits".