Free Universal Construction Kit is a set of 3D models you can print on a 3D printer that allow you to connect Lego to Duplo to Lincoln Logs, etc.
Hmmm
“This rather embarrassing issue was pointed out to the committee, the fact that there were three votes too many, and that these three votes determined the outcome. When this was done, along with formally requesting a re-vote, that re-vote on the points in question was denied.”
By the URI RFC there is only one way to represent a particular IPv4 address in the host of a URI. This is the standard dotted decimal notation of four bytes in decimal with no leading zeroes delimited by periods. And no leading zeros are allowed which means there's only one textual representation of a particular IPv4 address.
However as discussed in the URI RFC, there are other forms of IPv4 addresses that although not officially allowed are generally accepted. Many implementations used inet_aton to parse the address from the URI which accepts more than just dotted decimal. Instead of dotted decimal, each dot delimited part can be in decimal, octal (if preceded by a '0') or hex (if preceded by '0x' or '0X'). And that's each section individually - they don't have to match. And there need not be 4 parts: there can be between 1 and 4 (inclusive). In case of less than 4, the last part in the string represents all of the left over bytes, not just one.
For example the following are all equivalent:
The bread and butter of URI related security issues is when one part of the system disagrees with another about the interpretation of the URI. So this non-standard, non-normal form syntax has been been a great source of security issues in the past. Its mostly well known now (CreateUri normalizes these non-normal forms to dotted decimal), but occasionally a good tool for bypassing naive URI blocking systems.
Dark Patterns are UI patterns used to trick users into doing things they’d otherwise rather not: buy traveler’s insurance, click on ads, etc. Covers the anti-patterns and how we as technical folk can help stop this.
Seems generally bad to embed sensitive info in the URI (the http+aes URI scheme’s decryption key) similar to the now deprecated password field.
Use case is covered here: http://lists.w3.org/Archives/Public/ietf-http-wg/2012JanMar/0811.html. Also discussion including someone mentioning the issue above.
Follow the link for other great Al themed artwork.
(via http://twitter.com/alyankovic/statuses/177517595874951171)
I can’t believe the dumb TED conference made me miss seeing prominent Ragnarok denier Eliott Kalan being sprayed by with seltzer by Jon Stewart.
The Blowholes - Summerbaby (Pete & Pete Reunion 2-24-12) (by matt00092)
Via http://www.avclub.com/articles/inside-the-adventures-of-pete-and-pete-reunion,70177/
The goal of this experiment was to combine the flipping tables emoticons with the Threw It On The Ground video using shiny new HTML5-ish features and the end result is the table flipper flipping the Threw It On the Ground video.
The table flipper emoticon is CSS before content that changes on hover. Additionally on hover a CSS transform is applied to flip the video upside down several times and move it to the right and there's a CSS transition to animate the flipping. The only issue I ran into is that (at least on Windows) Flash doesn't like to have CSS transform rotations applied to it. So to get the most out of the flip experiment you must opt-in to HTML5 video on YouTube. And of course you must use a browser that supports the various things I just mentioned, like the latest Chrome (or not yet released IE10).
Some rights reserved