2009 Sep 30, 4:07The hashing part makes sense, but not the 'why no URL query' bit: "But because victim=12345 has already been visited they satisfy condition 2 and they get the 404 page fooling them into thinking the
site has already been taken down. So query strings don't really work." You could implement the same thing in the path and even were that not the case there's no telling that removing the query would
get you the same page. What's described here is a general method to circumvent the AP filter not an explaination as to why it avoids the query portion of the URL.
phishing technical web browser http url hash 2009 Sep 14, 4:36Facebook makes a 'Fax This Photo' button but only lets TechCrunch employee's see it... Also, enjoyed the 'Oh my god this guys arm!' AD reference.
humor prank facebook journalism fax photo 2009 Sep 10, 6:26Typekit's protections for their hosted fonts include referer header checking, and various obfuscations: "Our intent is only to discourage casual misuse and to make it clear that taking fonts from
Typekit is an explicit and intentional act."
via:kottke font typekit internet web security legal technical 2009 Sep 10, 5:02Makes sense to me. Its the content not the transmission medium.
book library education literature news 2009 Aug 18, 4:19
Before we shipped IE8 there were no Accelerators, so we had some fun making our own for our favorite web services. I've got a small set of tips for creating Accelerators for other people's web
services. I was planning on writing this up as an IE blog post, but Jon wrote a post covering a
similar area so rather than write a full and coherent blog post I'll just list a few points:
- The first thing to try is looking for developer help for the web service, specifically if there's a REST-ful URL based API. For example, Bing Maps has great URL API documentation that would
be enough to create an Accelerator.
- The Accelerator XML is very similar to HTML forms. If you can find an HTML form for the web service for which you want to create an Accelerator, you can view the HTML source and create an
Accelerator based on that.
- I created the FormToAccelerator extension based on the previous idea. You can
use the extension to create an Accelerator from an HTML form, or just use it to create the start of one and edit it manually after.
- If the page doesn't use an HTML form, you can start up an HTTP debugger like Fiddler, use the web service from the normal web
page, and then in Fiddler see if you can find a REST-ful looking URL you can use.
- When looking to create a preview for your Accelerator, see if the web page for the web service has a mobile version or a version that's intended to embed in other web pages via an iframe. On
this same line, iPhone apps make great Accelerators usually with lovely previews.
- If there's no mobile or embeddable version and the only thing wrong with the normal web page for the web service is that the useful information doesn't fit in the preview window then see if you
can find an HTML tag with a name or id near the useful information, and stick a '#' fragment pointing to that tag onto the preview URL template.
- Without a reasonable REST-ful API you can use a combination of Google's "site:" and "I'm Feeling Lucky" to find the most relevant page on a particular site.
- The value of a name and value pair need not consist of only a single Accelerator variable. You can get creative and put other text in there. For instance, I implemented a Google currency conversion by setting the query to "{selection} in US Dollars".
technical accelerator ie8 ie 2009 Aug 12, 5:02W3C File API makes it to first published working draft. Like the use of data URLs, don't like the new filedata URLs.
html5 w3c file upload script url data-scheme technical 2009 Jul 29, 11:00"Help to make sense of the Daily Mail’s ongoing effort to classify every inanimate object into those that cause cancer and those that prevent it."
humor journalism health via:bengoldacre news science 2009 Jul 28, 3:39Linus Torvalds: "I'm a big believer in "technology over politics"...I may make jokes about Microsoft at times, but at the same time, I think the Microsoft hatred is a disease." This goes well with
his previous quote calling Slashdot a "big public wanking session".
linux linus-torvalds microsoft politics technical 2009 Jul 27, 4:29"Jen Hui Liao's Self-Portrait Machine is a device that takes a picture of the sitter and draws it but with the model's help. The wrists of the individual are tied to the machine and it is his or her
hands that are guided to draw the lines that will eventually form the portrait." With video!
video drawing art technology machine robot automation self-portrait 2009 Jul 24, 5:49Sir Ian McKellen as Number Two in remake of The Prisoner in Nov.
tv interview ian-mckellen the-prisoner 2009 Jul 17, 4:36"For Windows 7, we’ve added support for Federated Search using OpenSearch v1.1 and worked to make the experience a seamless one." Explorer in Win7 supports OpenSearch descriptions (that use RSS)
opensearch search windows win7 technical 2009 Jul 15, 7:00"Tor.com is proud to be serializing Makers, Cory Doctorow’s upcoming novel, which goes on sale from Tor Books in November."
cory-doctorow scifi tor makers book literature cc free 2009 Jul 6, 3:47Howto make your own garden including pre-made plans like the 'Plant it and Forget it' garden.
via:jen howto diy garden for:hellosarah 2009 Jun 29, 1:20"The Music of Erich Zann is a short film based on the story by H.P. Lovecraft. Though conditions inside the abandoned Savoy Hotel made this a very challenging project (Sub-freezing temperatures;
cramped quarters; enough dust to suffocate Cthulhu himself), I was thrilled with the opportunity to work in such a haunting location, with such a talented and dedicated group of filmmakers."
chris-shelton hp-lovecraft video movie 2009 Jun 15, 4:46"This was such a fun project - this is what users of Internet Explorer 6 see when they visit Momentile." Funny image. There's just two things I don't like about this: (a) it makes me feel sorry for
IE6 when the only thing anybody should feel in relation to IE6 is the urge to upgrade to IE8 and (b) I hate it when websites get all preachy and try to convert you to another browser.
humor webdesign ie6 ie browser comic 2009 Jun 12, 9:02"Because linking to sources and resources is the key gesture to being a citizen of the Web and not just a product on the Web...If, on the other hand, you want to embrace the traits that make blogs,
Twitter, and so many other online communication tools a vital part of the daily life of your readers, your news site shouldn't feel like an endpoint in the conversation. It should feel like the
beginning."
via:sambrook journalism news internet web article link 2009 Jun 1, 2:03Wow, read this without expectations of what its about. This is the second identity-theft/Internet/personal-relationships story I've read. It makes me think we need VeriSign to do cert verification
for personal relationships but then I must remind myself that this must not be very common...
via:swannman identity identity-theft story psychology web blog joey-devilla 2009 May 29, 2:50
I like the idea of QR codes, encoding URLs and placing them
on real world objects, but the QR codes themselves are kind of ugly. To make them less obvious I thought I could spray QR codes on to an object with an infrared reflective paint and shine infrared
light on the QR codes, since most cameras, for instance the camera in my G1 phone, pick up infrared that our eyes do not.
In my search for infrared paint I've found a seller of IR ink (via programming forum) and an Infrared Paint Recipe (via IR FAQ).
In looking for this paint I've found that it comes up a lot in relation to the military for things like paint markers that are visible at
night with proper equipment, and paint that absorbs IR light to make vehicles less obvious to night vision goggles. Even though the first
reflects infrared light and the second absorbs it websites end up refering to both as infrared paint which made it difficult to search.
Additionally I found links to some other geeky infrared projects:
ir paint technical ir infrared qr qr code 2009 May 28, 1:12A homemade CPU and computer. I love the primary colors on the mess of wires. The close up shot is lovely.
howto diy hardware computer electronics cpu homemade maker-faire 2009 May 23, 4:45
In honor of Google Chrome's recent v2 release and because I read they don't make too big a deal about version numbers, I thought to create a graph of browser major version numbers over time.
Yeah that's not too useful of a graph. I got the release dates from Wikipedia of course.
As you can see from the graph, Netscape and Opera are leading all other browsers in terms of major version number. The other browsers really need to get on that.
browser technical boring google ie graph
Some rights reserved