2010 May 24, 6:26"What You See is What They Get: Protecting users from unwanted use of microphones, cameras, and other sensors," by Jon Howell and Stuart Schechter.
"We introduce the sensor-access widget, a graphical user interface element that resides within an application's display. The widget provides an animated representation of the personal data being
collected by its corresponding sensor, calling attention to the application's attempt to collect the data."
Not sure how well that scales...
technical security privacy research 2010 May 10, 8:59Iggy Pop interviews Shepard Fairey, including his Obama HOPE poster and AP lawsuit:
"... but the American public is generally pretty superficial, so an image like that just allows them to project whatever limited idea they have onto it. Obviously, not everyone is like that—I
actually think there were a lot of people who were bummed by the image because they felt it was shallow propaganda."
"If I spend time conceiving and making a piece of art and somebody else sees that it has market value and replicates it in order to steal part of my market, then that’s not cool. But the way I make
art—the way a lot of people make art—is as an extension of language and communication, where references are incredibly important. It’s about making a work that is inspired by something preexisting
but changes it to have a new value and meaning that doesn’t in any way take away from the original—and, in fact, might provide the original with a second life or a new audience."
art legal law ip shepard-fairey obey interview 2010 May 6, 7:16"Today web gadgets, mashup components, advertisements, and other 3rd party content on websites either run with full trust alongside your content or are isolated inside of IFrames. As a result, many
modern web applications are intrinsically insecure, often with unpredictable service quality. Live Labs Web Sandbox addresses this problem."
web browser web-sandbox technical javascript html windows live security sandbox microsoft silverlight 2010 May 4, 10:52On HTML5's extensibility: how does microdata work in HTML5?
via:kris.kowal html5 html microformats semanticweb todo technical 2010 May 4, 10:51Survey asks you for your gender and color blindness status and then shows you various colors one by one and asks you to type the name. The results of this survey are presented here. Very few
differences between genders but there's plenty of interesting results in this document.
via:swannman science statistics color psychology xkcd humor art 2010 May 3, 7:27Amazon has the most highlighted passages of Kindle users. Of course Dan Brown is all over that. But in 94th place of most highlighted is a passage from the 'Kindle Shortcuts' book on how to highlight
passages: "Go to top Notes and Clippings (Kindle 2) To create a highlight: use the 5-way controller to highlight the content you want to clip and then press the 5-way to save your selection...
Highlighted by 319 Kindle users"
humor highlight amazon kindle technical meta 2010 May 2, 3:14"This document contains normative guidelines for web applications built by the Interface Development practice of Isobar North America (previously Molecular)." Glad to see coding styles and best
practices for HTML, CSS, JS, associated HTTP headers etc etc etc
code css html html5 javascript web browser programming development technical via:kris.kowal 2010 May 2, 2:52'HAR to Page Speed' is a tool that takes a HAR file (Http ARchive) supported by various HTTP debuggers and produces a page speed score. This is a great example of the value of a cross HTTP debugger
file format.
http tool debug performance web technical 2010 Apr 29, 11:59"Over Christmas break I wrote Santa my browser wishlist. There was one item I neglected to ask for: improvements to the browser disk cache." If only it were so simple as to just increase the max size
of your HTTP cache...
performance http web browser cache technical 2010 Apr 21, 6:48"The Web Open Font Format, already backed by Mozilla and many type foundries was accepted by the World Wide Web Consortium yesterday, marking the first stage in its standardization. The submission
included a surprising new sponsor: Microsoft."
font microsoft web internet typography arstechnica browser technical 2010 Apr 11, 3:51"In fact, more air marshals have been arrested than the number of people arrested by air marshals." Its easy to get awesome stats like this when talking about lawlessness on airplanes given its great
infrequency.
statistics humor security bruce-schneier airplane 2010 Apr 4, 2:02
I've just updated Encode-O-Matic with a Guess Input Encoding feature. When you start Encode-O-Matic or when you use the 'Guess
Input Encoding' menu item from the 'Tools' menu, Encode-O-Matic will try out various combinations of encodings and guess at which set seem to apply to your input. For instance given the following
text, Encode-O-Matic will correctly guess that it is percent encoded, base64 encoded, deflate compressed text:
S%2BWqUEhLLMoFUulFpXnZQLogMa%2BkmCuPqxzILk%2FMyeHK4QIA
It should work fairly well for simple things but I did pick 'Guess' for the name of the feature to intentionally lower
expectations. It doesn't currently apply to character encodings but that may be something to consider in the future.
technical encodeomatic tool encoding 2010 Mar 22, 8:40PDF overtakes Word as targeted attack vector of choice.
security office adobe pdf word powerpoint microsoft technical statistics internet malware 2010 Mar 21, 3:22Google Calendar Sync is an Outlook plugin that syncs your Google and Outlook calendars (you get to pick 1way and direction or 2way sync'ing). This almost looks like what I want but perhaps my feature
requests are too obscure for someone to have already implemented them:
Events marked personal added on my Outlook calendar should get full 2-way sync'ing with my Google calendar.
All other events added on my Outlook calendar should be assumed to have private company information and should get 1-way sync'ing with just the time and location - no attendees or subject or
desceiption.
All events added on my Google calendar should get full 2-way sync'ing with Outlook and there should be marked personal.
I doubt I'm going to find a pre-made app to do this so I guess I should get coding. Otoh, if they ever bring the updated Android OS that has Exchange support to my G1 maybe none of this would be
necessary...
google calendar outlook microsoft tool free technical 2010 Mar 18, 7:15This article describes the largest problem with the Acid3 test: "Acid3 often didn’t test things web authors wanted, but instead it tested things that were broken or not implemented regardless whether
anyone truly cared."
acid3 web browser html dom test technical 2010 Mar 12, 1:28
It was relatively easy, although still more difficult than I would have guessed, to hook my bespoke website's Atom feed up to Google Buzz. I already have a Google email account and associated
profile so Buzz just showed up in my Gmail interface. Setting it up it offered to connect to my YouTube account or my Google
Chat account but I didn't see an option to connect to an arbitrary RSS or Atom feed like I expected.
But of course hooking up an arbitrary Atom or RSS feed is documented. You hook it up in the same manner you
claim a website as your own via the Google Profile (for some reason they want to ensure you own the feed connected to your Buzz account). You do this via Google's social graph API which uses XFN or
FOAF. I used XFN by simply adding a link to my feed to my Google profile (And be sure to check the 'This is a profile page about me' which ensures that a rel="me" tag is added to the HTML on your
profile. This is how XFN works.) And by adding a corresponding link in my feed back to my Google profile page with the following:
atom:link rel="me" href="http://www.google.com/profiles/david.risney"
I used this
Google tool to check my XFN
connections and when I checked back the next day my feed showed up in Google Buzz's configuration dialog.
So more difficult than I would have expected (more difficult than just an 'Add your feed' button and textbox) but not super difficult. And yet after reading this Buzz from DeWitt Clinton I feel better about opting-in to Google's Social API.
technical atom google buzz rss social 2010 Mar 12, 11:11"All of the sculpted noses on the planet Viltvodle VI were fashioned after Douglas Adams' own. The creators used a 3D model he had created for the game Starship Titanic." The noses mentioned in the
previous sentence were depicted in the movie in a church. The religion of this church maintains that the universe was created by their god sneezing out the universe and so they have statues of their
god's nose throughout the church. Of course this is intended to seem absurd, however based on the previous sentence -- that the nose belonged to Douglas Adams -- then they really were worshping the
nose of their creator.
douglas-adams book hhgttg movie religion nose 2010 Mar 11, 11:50Side by side comparison of the BSG+Sabotage mashup and the original Sabotage music video. Cool remix certainly although it really must be watched in this side by side comparison form to be
appreciated. By itself the remix isn't really coherent.
bsg video humor music music-video sabotage beastie-boys 2010 Mar 11, 3:48Conan is doing a tour entitled "The Legally Prohibited from Being Funny on Television Tour". Coming to Seattle mid April...
conan-obrien humor tour 2010 Mar 9, 9:08
I've just put up an update for Encode-O-Matic with the following improvements:
- Hex editor: the output and input views can now be switched between a UTF8 textbox view and a hex editor view. This is built using the free Be.HexEditor.
- Compression: I've added the .NET GZip, deflate, and inflate streams to the list of supported encodings.
- Quick Show Output: There are now 'Show Output' radio buttons next to each encoding in the encoding stack. Clicking on them changes the output view to show the output from that encoding in the
stack. This lets you easily jump between different parts of your encoding process. Adding or removing an encoding to the stack resets the view.
- Minor visuals improvement: added app icon, changed buttons with one word symbols to command names.
technical encodeomatic project
Some rights reserved