How to really add a plugin to WordPress manually

You’d have thought that a google search for “manually add plugin to WordPress” would turn up lots of articles on how to do this, but, er, no. They all seem to tell you to log in to the site and do this or that on the GUI. That’s not doing it manually – it’s using the GUI. If the GUI doesn’t work, then you need to do it manually. Here’s how:

The method is actually simple if you remember it. You download the plugin from the site (e.g. and you’ll end up with a DOS/Windows .ZIP file. Unpack this any way you wish and you’ll get a directory with some file in it. As a sanity check, one of these files will have the same name as the directory, but ending in .php.

Take this whole directory and copy it to /wp-content/plugins. That’s the directory – not the files in the directory.

That’s it. You’re done. It’ll appear in the plugins dashboard.

The Huawei thing

A few months ago I was asked for comment on the idea that an embattled Theresa May was about to approve Huawei for the UK’s 5G roll-out, and this was a major security risk. Politics, I assumed. No one who knew anything about the situation would worry, but politicians making mischief could use it to make a fuss.

Now it’s happened again; this time with Boris Johnson as Prime Minister. And the same old myths and half-truths have appeared. So is Chinese company Huawei risky? Yes! And so is everything else.

Huawei was founded by a brilliant entrepreneurial engineer, Ren Zhengfei in 1987, to make a better telephone exchange. It came from the back to become the market leader in 2012. It also made telephones, beating Apple by 2018. While the American tech companies of the 1980’s grew old and fat, Huawei kept up the momentum. Now, in 2020, it makes the best 5G mobile telephone equipment. If you want to build a 5G network, you go to Huawei.

Have the American tech companies taken this dynamic interloper lying down? No. But rather than reigniting their innovative zeal, they’re using marketing and politics. Fear, Uncertainty and Doubt.

Some arguments:

“Huawei is a branch of the evil Chinese State and we should have nothing to do with it.”

Huawei says it isn’t, and there’s no evidence to the contrary. The Chinese State supports Chinese companies, but that’s hardly novel. And whether the Chinese State is evil is a subjective judgement. I’m not a fan of communist regimes, but this is beside the point if you’re making an argument about technology.

“Huawei is Chinese, and we don’t like the government or what it does”.

So we should boycott American companies because we don’t like Trump? We do business with all sorts of regimes more odious that the CPC, so this is a non-argument. You could make a separate argument that we should cease trade with any country that isn’t a liberal democracy, but this could be difficult as we’re buying gas from Russia and oil from the Middle East.

Please generate and paste your ad code here. If left empty, the ad location will be highlighted on your blog pages with a reminder to enter your code. Mid-Post

“Huawei works for the Chinese secret service and will use the software in its equipment to spy on, or sabotage us.”

First off, Ren Zhengfei has made it very clear that he doesn’t. However, there have been suspicions. In order to allay them, Huawei got together with the UK authorities and set up the HCSEC in Banbury. Huawei actually gives HCSEC the source code to its products, so GCHQ can see for itself; look for backdoors and vulnerabilities. And they’ve found nothing untoward to date. Well, they’ve found some embarrassingly bad code but that’s hardly uncommon.

Giving us access to source code is almost unprecedented. No other major tech companies would hand over their intellectual property to anyone; we certainly have no idea what’s inside Cisco routers or Apple iPhones. But we do know what’s inside Huawei kit.

“Because Huawei manufactures its stuff in China, the Chinese government could insert spying stuff in it.”

Seriously? Cisco, Apple, Dell, Lenovo and almost everyone else manufacturers its kit in China. If the Chinese government could/would knobble anything it’s not just Huawei. This is a really silly argument.


So should we believe what the American’s say about Huawei? The NSA says a lot, but has offered no evidence whatsoever. The US doesn’t use Huawei anyway, so has no experience of it. In the UK, we do – extensively – and we have our spooks tearing the stuff apart looking for anything dodgy. If we believe our intelligence services, we should believe them when they say
Huawei is clean.

Being cynical, one might consider the possibility, however remote, that America is scared its technology companies are being bested by one Chinese competitor and will say and do anything to protect their domestic producers; even though they don’t have any for 5G. Or if you really like deep dark conspiracies, perhaps the NSA has a backdoor into American Cisco kit and wants to keep its advantage?

The US President’s animosity to trade with China is hardly a secret. Parsimony suggests the rest is fluff.

Jails on FreeBSD are easy without ezjail

I’ve never got the point of ezjail for creating jailed environments (like Solaris Zones) on FreeBSD. It’s easier to do most things manually, and especially since the definitions were removed from rc.conf to their own file, jail.conf. (My biggest problem is remembering whether it’s called “jail” or “jails”!)

jail.conf allows macros, has various macros predefined, and you can set defaults outside of a particular jail definition. If you’re using it as a split-out from rc.conf, you’re missing out.

Here’s an example:

# Set sensible defaults for all jails
path /jail/$name;
exec.start = "/bin/sh /etc/rc";
exec.stop = "/bin/sh /etc/rc.shutdown";
host.hostname $;
# Define our jails
tom { ip4.addr = ; }
dick { ip4.addr = ; }
harry { ip4.addr = ; }
mary { ip4.addr = ; }
alice { ip4.addr = ; }
nagios { ip4.addr = ; allow.raw_sockets = 1 ; }
jane { ip4.addr = ; }
test { ip4.addr = ; }
foo { ip4.addr = ; }
bar { ip4.addr = ; }

So what I’ve done here is set sensible default values. Actually, these are probably mostly set what you want anyway, but as I’m only doing it once, re-defining them explicitly is good documentation.

Next I define the jails I want, over-riding any defaults that are unique to the jail. Now here’s one twist – the $name macro inside the {} is the name of the jail being defined. Thus, inside the definition of the jail I’ve called tom, it defines I use this expansion to define the path to the jail too.

If you want to take it further, if you have your name in DNS (which I usually do) you can set ip.addr= using the generated hostname, leaving each individual jail definition as { ;} !

I’ve set the ipv4 address explicitly, as I use a local vlan for jails, mapping ports as required from external IP addresses if an when required.

Note the definition for the nagios jail; it has the extra allow.raw_sockets = 1 setting. Only nagios needs it.

ZFS and FreeBSD Jails.

The other good wheeze that’s become available since the rise of jails is ZFS. Datasets are the best way to do jails.

First off, create your dataset z/jail. (I use z from my default zpool – why use anything longer, as you’ll be typing it a lot?)

Next create your “master” jail dataset: zfs create z/jail/master

Now set it up as a vanilla jail, as per the handbook (make install into it). Then leave it alone (other than creating a snapshot called “fresh” or similar).

When you want a new jail for something, use the following:

zfs clone z/jail/master@fresh z/jail/alice

And you have a new jail, instantly, called alice – just add an entry as above in jail.conf, and edit rc.conf to configure its networ. And what’s even better, alice doesn’t take up any extra space! Not until you start making changes, anyway.

The biggest change you’re likely to make to alice is building ports. So create another dataset for that: z/jail/alice/usr/ports. Then download the ports tree, build and install your stuff, and when you’re done, zfs destroy
z/jail/alice/usr/ports. The only space your jail takes up are the changes from the base system used by your application. Obviously, if you use python in almost every jail, create a master version with python and clone that for maximum benefit.

Amazon Echo vulnerable in Smart Speaker battle

When Google launched its smart speaker it was playing catch-up with Amazon. The Echo had an established ecosystem, and unless Amazon blew it, this lead looked unassailable. The field was Amazon’s to lose.

Since then, Amazon’s arrogance seems to have taken it towards such a losing strategy. Glitzy launches of new gadgets are not enough to maintain a lead. I have a sample of pretty much every Echo device ever sold, and the newer ones aren’t that much better than the old ones. The build quality was always good, and they work.

What could damage the Echo is the slide in functionality.

Most people assumed that the rough edges – things you should be able to do but couldn’t – would be addressed in time. Google stole a march by recognising the person speaking, but Amazon has caught up. Sort-of. Meanwhile Google has been catching up with Amazon on other functionality and ecosystem.

What Amazon is failing to realise is that they’re selling smart speakers. This is the core functionality. They came up with the technology to link speakers in groups, so you could ask for something to be played “Upstairs”.

This is still there, but it’s been made almost useless. In the beginning you could play anything you wanted on an Echo. All music purchased direct from Amazon was added to your on-line library. There was also Amazon’s Prime music service. The latter has gone down hill recently, with the good stuff moved to a separate “full” streamin service. The ability to play your own music by uploading your MP3 files to your library. This facility has just “gone”, as of the start of the year.

Loyal Amazon customer assumed that it would go the other way, and that you’d be able to stream from your local source to your smart speaker groups. Amazon has blocked this, although some third party skills can play media to a single Amazon speaker. Not so smart.

Now Echo users are about to be hit again. From next month feed of BBC Radio, and other things, is changing. You’ll still be able to get them, but only on a BBC skill. The effect of this is that you can’t use an Echo as a radio alarm clock and more, the alarms will be confined to built in sounds. No longer will I be able to wake up to Radio 4’s Today program at 6am. Unfortunately I will still have to wake up at that time.

Echo Dot with Time Display – but now no use as a radio alarm

Ironically, one of Amazon’s enhancements is an Echo Dot with a time display. Just in time for it to be made useless by the software.

Looking at the change, I also strongly suspect you won’t be able to play a radio station on a group of speakers either. The speaker group technology is limited to Amazon’s own streaming service.

The Echo/Alexa system used to just work. Unless Amazon reverses these catastrophic decisions, it just doesn’t work. And now the public has a taste for this functionally, someone else can walk in and provide it.

The Religion behind Climate Change

Global Warming is real. The high priests of the peoples’ religion have proved it to the satisfaction of all true believers. Or do I mean science has proved it to all right-thinking people?

Famously, Donald Trump thinks it’s all a conspiracy. He also thought (thinks?) that Obama was a foreign import jihadist and the American Democratic Party is run by commuinists. So if Donald Trump thinks Climate Change is a trick, logic dictates that it must therefore be real, right?

I think it’s time we looked at some facts:

The world’s climate has been getting warmer. For a long time. Between the 15th and 18th Century the River Thames froze over in London. In the early 1800’s it stopped, and hasn’t done so since. Therefore things must be getting warmer. Of this there is no doubt.

Is our industrial activity the reason? Well no. We didn’t start to industrialise and burn fossil fuels until well in to the 19th Century.

So it’s pretty clear that the planet has been warming up for a long time prior to major human industrial activity. We couldn’t have started it, because it began before we burnt fossil fuels to any scale.

But… is burning fossil fuels accelerating this natural change in our climate? Well that’s another question. 97% of Climate Change scientists say it is, so it must be true. I mean: who’s going to argue with one scientist, never mind the vast majority? Scientists are honourable people, not interested in worldly matters, and have no reason to lie to us about stuff we don’t understand.

Yeah, right!

Scientists are no more or less honourable than anyone else; they do care about money and there are all sorts of reasons not to believe them. This is strikingly similar to the high priests of the old religions, don’t you think? And when you look at it, the same driving forces appear to be shaping their behaviour.

For a long time the sun went around the earth. The priests said so. Anyone with deviant views was shouted down as an idiot, and if they persisted they could eventually be burnt at the stake as an example to others. No one who argues with priests or scientists is going to be taken seriously. OR ELSE!

Did the priests have any proof that their view of the cosmos was correct? They had irrefutable evidence. Ask any priest and they’d tell you – everyone knew it was true so it must be. Who was going to appear foolish (or be put to death) by disagreeing with the consensus? But in reality the priest had other reasons to believe they were correct: their careers and livelihood depended on them sticking to the story. If you were a priest you had a good job for life. People would respect you, give you money, a nice house and plenty of food, and not expect you to get involved in nasty worldly stuff. Becoming a priest has always been a good career choice. The only career-limiting thing you could do would be to question the “truth”. If anyone did, other people would too, and eventually the religion would lose control. And if a priest did it, even more so. Errant priests would never do.

Is the modern-day scientist really any different? It’s always a good idea to follow the money. They have a job in research and their salary is paid for by someone. To get on in the world they need to publish papers, so they can’t remain silent. When they’re working for a university department set up to study climate change, its not politic to say that the subject is over-blown and the world would be better off studying something else. They’re going to say it’s important, and probably real (but that funding is needed for further research). So the the majority of scientists who are paid to believe in climate change that express an opinion are unlikely to express one that’s going to see them out of a job; and then torn apart by their colleagues for breaking the faith.

Ask a scientist not involved in climate change research whether global warming is caused by human activity, and they won’t have a strong opinion because it’s not their field. Or they’ll close ranks with the rest of the “priesthood”, or “scientific community”.

Likewise, I don’t know if human activity is accelerating climate change. I suspect it may well be, but I can’t discount the fact that most academic researchers of the subject also say their pay-cheque is justified. Always follow the money.

Then there are the environmentalists, myself included. I don’t bang on about human-caused climate change. I don’t know how much we are to blame. I don’t know if we can slow or reverse it. But I do know that using irreplaceable resources as though the supply is infinite is a stupid idea. I do know that polluting the environment and destroying the natural world is a bad thing. So when a government, with the backing of its high priests of science, says it wants to reduce pollution and fossil fuel consumption I’m hardly likely to disagree, whatever the government’s real motive. (I suspect the real motive is tax revenue).

So what is it with society and its deference to scientists? In the past, if you were ill, you went to the priest for help. Not just the church infirmary; you did whatever the priest told you to in order to be cured. At the very least, you had nothing much to lose by trying. In the modern world we go and see a medical scientist (doctor), as we believe their results are better than the priests. Doctors can’t cure everything, in fact you could argue they can cure comparatively little. Many ailments cure themselves and the priest or doctor gets the credit anyway. But doctors do have demonstrably better outcomes than the priests they’ve displaced. If you’re ill, anyone you believe can cure you is going to be your best friend.

And then there are the politicians. Since the beginning of time the priests have been used by rulers to persuade the populous to go along with some policy or other. Do you want to plunder the tribe up the valley? Get your holy man to call it a religious duty and the plebs will do anything you ask of them, however foolish. Even if they’re not scared of you, they are of the priest. More precisely, they’re scared of the power that only the priest understands and can control. So the tribal chief is happy. The priest is happy because the chief keeps him in the easy life, and the plebs are happy because they’re doing the right thing for them and their mates without having to think for themselves. Or they’re dead on the battlefield, but living it up in the afterlife.

Now, if you’re a politician and announce you want to hike taxes it’s unlikely to have a positive effect on your chances of re-election. Unless you can persuade the people it’s a really good idea for some reason or other. The problem is that they won’t listen to you, because you’re a politician. If you can get the high priest (or scientists) to tell them that raising taxes is virtuous, and the wrath of something will descend on them otherwise, then you can still raise the taxes you need and avoid the blame when people have less money in their pockets and you have more to spend.

I’m not saying that using taxation to reduce pollution, or finite resource consumption, is a bad thing. Anything that does that is good. But I can’t help having a nagging feeling that the motivations of governments have more to do with the revenue, as government policies usually contradict these supposed ideals unless they can make money out of it.

The switch to sustainable transport is a good example – jobs and taxes are created by cars, so building more roads is a good thing as far as they’re concerned. And they can even boost economic activity by changing the rules to encourage people to buy newly produced cars. This is contradicts the idea that they want to reduce consumption, emissions and pollution. When Trump says he wants to put industry before environment he’s just being honest.

My first draft of this diatribe ended about here, but in the summer the president of the Royal Statistical Society gave a very interesting address at their annual jamboree, which deserves a much wider audience as it drew together threads concerning why people are becoming disenchanted by experts, especially where statistics are concerned.

NSPCC claims that 6% of teenage boys read Pornhub

Petee Wanless, CEO of the NSPCC, has made a fool of himself and the organisation he represents by call8ng for unworkable restrictions to be placed o. Porn websites to prevent access by min
ors. This is on the back of some dubious looking research from avstat, who have made simar headline grabbing claims that 6% of males aged 12-16 have been looking at a site called Pornhub during the course of one month. This is based on a survey of traffic, apparently.

It’s pretty obvious to anyone in a position to see net traffic that this is most improbable, and it’s only a matter of time before the research is ripped to shreds. That the NSPCC is taking it seriously raises more questions of the organisation’s competence. Time for a new CEO, methinks.

Faith in Free Schools – Department of Education still hasn’t done its homework

The Department of Education has just lost in its bid to keep secret the “faith affiliation” of applicants planning to up Free Schools, and has been forced publish the figures by the Information Commissioner.It’s taken two years to get this information, and it’s interesting reading if you read them carefully.

Figures are not available for the first wave of 373 applications, but is (to an extent) for the second and third waves. I’ve been doing some number crunching.

Religion Wave 2 Wave 3 Total %
None 202 183 385 74.47%
Christian 45 21 66 12.77%
Muslim 17 18 35 6.77%
Plymouth Brethren 11 3 14 2.71%
Jewish 3 5 8 1.55%
Sikh 2 5 7 1.35%
Hindu 1 1 2 0.39%

The breakdown is a little strange. In Wave 3 the different Christian denominations are specified in some cases but left as “Christian” for others, as they all are on Wave 2. Except the Plymouth Brethren, who appear always to be separate from “Christian” for some reason in both sets of data. “Muslim” and “Islam” are also two different religions, apparently. Did the compiler of these statistics know anything about religions?

I also have my doubts about whether religion has been reported at all. We’re asked to believe schools like Noah’s Kingdom (Reading) isn’t religious. To quote from their ethos description: If life is based on human values then it is incomplete, but if we base our lives on the plan of God then we have a secure path.

It’s not just the Christians – how about  the Khalsa Science Academy in Leeds? Sounds Sikh to me! A quick look at their web site confirms my suspicions.

What about the Maharishi Free Schools? Non-faith? Yogi’s might fly! There’s even “Destiny Christian School” in Bedford that’s listed as secular. The clue should be in the name. It’s actually being proposed by “Miracle Church of God in Christ”, and part of the Christian Schools’ Trust who’s attitude to creationism is that it is science and they intend to teach it as such.

In short, a quick scan through the names on the list is enough to show any reasonable person that the published data is full of errors. Journalists like those at the BBC may have  taken them at face value, but they’re an insult to any thinking person.

Whatever you feel about so-called “Faith Schools”, having the data kept from us by Michael Gove and the Department of Education isn’t going help with an informed debate.

Wave 1+2 Freedom of Information data from DofE

Wave 3 Freedom of Information data from DofE


Interesting things at IP Expo 2012

IP Expo (nee. Storage) is on in London’s Earls Court Two for one more day. As a show it’s target remains a bit undefined (a show about Internet Protocol? Or do they mean Intellectual Property),  but that’s what can make it interesting.

This year there’s less of the mind-boggling high-end storage and more general network services from software and hardware vendors – in particular, vitallisation is the hot topic (yawn).

This is a quick impression; get down there and see for yourself or wait for a full report later.

One interesting stand is Firebrick, present for the first time. You can’t miss them, (a) because they’re in front of the main entrance one row back; and (b) they’ve got a life-sized fibreglass Orc on the stand. They’ll happily take your photograph standing with it, print it out and also give you a link to it for download within a matter of seconds.

Firebrick is a range of rather good network gateway devices (call them firewalls if you will, but that doesn’t really cover it). It’s their own technology, and it’s very clever. The latest clever stuff is the on-board SIP VoIP management, and a very reasonably priced service that can turn your 3G handset into a SIP extension. I’m not talking about a SIP App for a smartphone here; this is a SIM that integrates a mobile ‘phone in to your IP PABX.

Virtualisation is very popular, and so is security. Everyone’s got a security solution for virtualised server environments. A lot more on this topic later.

Trend has an amusing sign on their stand “Vurtualisation is becoming a reality”. Well what do you know? Are they recycling stands from five years ago, or just a bit slow to catch on. Actually, Trend has been ahead on integrating with VMWare at the hypervisor level, so it’s either a daft statement from the marketing department or an old sign but it’s too good a conversation opener to ignore. They’ll be sick if it by the end of the show.

Bit9, the security company from Massachusetts, is a the show. I like them; they’re sensible about what technology can and can’t do. This may not be a popular business model, but they give me more confidence than most of getting an accurate assessment where it matters.

Off to mingle..

BA e-ticket malware spam

Starting yesterday evening I’ve been seeing hundreds of emails sent to normally spam-free addresses claiming to be British Airways e-tickets. They are, of course, some new malware. It’s coming for a network of freshly compromised servers around the world (with a slight preference for Italy), so spam detection software won’t pick it up, and it’s new malware so virus scanners won’t find it either. As usual it’s a ZIP file containing an EXE, written in Borland Delphi I think.

The spambot code itself appears to be compiled on whatever Linux target the script attack has succeeded on, masquerading as “crond”.