Hopfest

I’ve been drinking some pretty high hop content beers lately. A few days ago, I brought home (finally) the new Sam Adams Hallertau Imperial Pilsner, which bears approximately the same relation to regular Sam Adams as regular Sam bears to a Budweiser (American version). Floral, elegant, bright with hops (Hallertau, of course) without being overly bitter, and pleasantly complex. The beer raised Lisa’s eyebrows, and that’s hard to do.

Her eyebrows were raised a bit higher when she tasted tonight’s beer, the Unearthly Imperial India Pale Ale from Southern Tier Brewing Company. Imperial, connoting a higher-alcohol variety of a standard beer variety, is getting a workout here, taking a standard IPA to unheard of heights. 11% ABV and high but well-balanced IBUs are the start of the story, as is the unearthly orange glow and the aroma, reminiscent of standing over an opened bag of fresh hops. Little to no head, lacing the side of the glass very slightly. Initial sharpness from the hops gives way to a lightly malty back of the tongue with good strong floral character throughout. I wasn’t familiar with this brewery before tonight but I’ll be seeking it out in the future.

Update: Nice article from the NY Times Food section tasting a variety of “extreme” beers, in which the Unearthly is namechecked (though not actually tasted).

Security: mass SQL injection hack

I’m starting a couple new departments on the blog today. The first, the Security department, is going to be posts about computer security concepts and events as I attempt to educate myself about the field. I’m kicking off the department with this story about a mass SQL injection attack that recently hit more than 70,000 sites (via Slashdot That’s a lot of compromised sites, but the really astonishing thing is the vector that was used to do it.

SQL injection—putting database command language into a system as user input or command parameters so that it is executed in a remote system—isn’t a new attack vector. It’s been around since at least 2004, when it was used to deface the Dremel website. It’s also a fairly well understood attack—if you can explain a security vulnerability in a comic strip, you have something that developers should be able to figure out how to avoid.

So why are these vulnerabilities so widespread? One reason may be the ease of web development and its separation from more structured programming disciplines. It’s second nature to a well educated developer to sanitize inputs; self-taught scripters (PHP, ASP, whatever) may not have been exposed to the importance of this principle.

Virginiana, Wikipediana

I’ve been expanding my Wikipedia footprint over the past few months. Starting on the Virginia Glee Club page, my contributions now span articles on a few University presidents, the Raven Society, the Virginia Gentlemen, and even the Seven Society. Yes, editing articles on Wikipedia is a gateway drug.

So I made it formal the other day and joined the WikiProject University of Virginia. I don’t know exactly what that means but I suspect I’ll find out soon enough.

I’d welcome help from other University alumni or interested parties regarding any of these topics. For instance, there is damned little about the VGs online to use as reference material for discussion of this 50+ year old a cappella group, and I know they’re more notable than the Hullabahoos, who have a kick-ass article.