I have long been a proponent of the Internet as holding the potential for revolutionizing how chemists communicate. This blog represents one of the ways that electronic communication can enhance how we exchange ideas.
This blog began as a means for me to maintain the currency of my book Computational Organic Chemistry. I realized that as soon as the book was physically printed and distributed, it was already 6 months out of date, and every subsequent day the book became that much less current. But the blog provides a mechanism for me to continuously provide updates to the book. As new articles are published, I can comment on them with the same perspective as I brought to the book.
I have been blogging now for over 5 years: almost 300 posts discussing well over 300 new articles relevant to computational organic chemistry. While the number of comments and commenters has not been particularly large, many of these comments are quite astute and there has been the occasional quite interesting back-and-forth discussion.
While my blogging is not entirely altruistically motivated, this has been more of a labor of love than anything else. So one might understand my dismay when about two weeks ago I received email messages from Jan and Henry and Eugene telling me that when they tried to access the blog, their browsers came back with a malware notice message from Google. Apparently Google will scan sites for problems and most current browsers will poll Google for the health of these sites prior to actually connecting to them.
My blog became infected somehow, and now I had to figure out how to remove the infestation! Fortunately, my son is a CS guru and so when I visited him for the Thanksgiving weekend we set out to disinfect the wordpress installation. After a bit of poking around, we found that every css file associated with the theme had unauthorized byte-code. Once we removed all of that, we submitted the site for review by Google, but to no avail – the site was still infected. So, back to more searching and we discovered that many of the plugins were infected, as were other themes. So another round of removing the foreign code and resubmittal to Google, and finally we passed inspection. The blog is now running clean!
But what a pain! And all for some junk that simply referred people to other sites. This headache cost a number of hours of searching and cleaning and worrying – for no good reason at all. (And I had a free software consultant – Thanks D!) I must say that I came seriously close to deciding to chuck the blog entirely. The hassle of maintaining the site and fighting off spammers and the like are truly the seamy side of the web. If one ever hears the comment that distributing information on the net is “free” – remind them of the constant vigilance needed to ward off spammers and hackers and other vermin. And my little site is nowhere near as vital or subject to attack as say a bank, or a military base, or even a scientific publisher.
I appreciate more now the true cost of doing business on the web. I dismay about the future – the web is very much the “wild west” and lawlessness pervades. I worry that I (and others) may finally just give up. I wish I knew of a solution, but I realize that there is no way to perfectly secure a site.
So if anyone out there has a WordPress site and gets infected I can offer some advice for cleansing – and if anyone has advise as to how to stem the malware tide, please share!