-
Illustrations of how to think about writing secure code: a little brainteaser called “what’s wrong with this application?”
Category: linkblog
Grab bag: HTML 5 and other phenomena
-
Chrome’s extension model will be HTML5 + CSS + JavaScript.
-
Is there room-temperature quantum entanglement at play in photosynthesis?
-
The book reviewed, _Guesstimation_, sounds like a good way to un-rust some rusty physics and problem-solving neurons.
-
HTML 5 is here, it’s just not evenly distributed yet.
-
A standard license and library of embeddable high quality fonts for the web. This could make Typekit the Adobe of web design.
Grab bag: Dusty tunes, infinite startups
-
Maybe, finally, a replacement for Art of the Mix?
-
Lowering transaction costs = more small entrepreneurship opportunities. A good read, provocative as always, from Chris Anderson. The flip side of this is that on the financial side, smaller lenders = less readily available cash = constraints to getting new businesses started.
Redirect and regexes
-
Using the Redirection plugin with regular expressions–some quick examples. I used this to fix a big chunk of my old blog archives that were 404ing after my blog consolidation.
Buffer overflows – threat or homebrew
-
Buffer overflows–not just for criminal purposes. A buffer overflow in a Zelda game can be exploited to load an “arbitrary code” channel on your Wii.
Grab bag: Hacks and cracks
-
A sobering, even frightening exploration of how vulnerabilities in the way most browsers and OSes interact with proxies can be exploited to pwn an HTTPS session, stealing and altering supposedly secure data. Must read.
-
When I first read about this, I totally missed that the subway car MOVED. I just thought it was a small, lame repro. My bad.
Grab bag: iPhone rumors, Wikipedia goes CC
-
Some very interesting speculation on how the iPhone is about to evolve.
-
Good luck with that.
-
The Wikipedia community voted to dual-license its content under GFDL and now Creative Commons/ShareAlike. That’s a big, big victory for the commons.
-
Oh man. Data porn at its finest. My favorite part? Not only is the data available in a variety of formats (not all of it is XML, but it’s getting there) but each data source contains a description of the methodology listed to collect it.
-
Why try to make sites pixel perfect for IE6 when you can give them an adequate default appearance and leave it at that?
For safe browsing, disable Java in your Mac browser
-
Disclosure on the nature of Apple’s unpatched Java flaws, and how it’s possible to 0wn the whole machine with a supposedly sandboxed applet. MacOSX users, disable Java now.
Grab bag: Negotiations of various kinds.
-
An interesting policy tradeoff — I wonder which “major lawsuits” are being dropped to get this to move forward.
-
Responses to security audits range from the funny to the sad.
Grab bag: Hacking copyright
-
Handy checklist to determine whether a work is in the public domain in the US.
-
Nicely executed. Missing only a few details (astronaut dummy with donut) to join the police cruiser atop the Great Dome as one of the great all-time hacks.
SaaS: Socks as a Service
-
OK, this is conceptually brilliant. Black socks in a subscription model (a package of three every three months). They do underwear too. I wouldn’t pay $89 for a year’s subscription though, not when a $20 package from Costco of assorted black socks lasts more than a year.
Grab bag: Be for something, fail fast, look around
-
Why hatred is a bad business driver — if all you know is you’re against Company X, it’s very hard to be for something. Plus, it leads to weaker understanding of what the customers really want.
-
Strong checklist to evaluate products, business models, and startups.
-
I’ll have to download this before we go to the reunion at UVA.
Grab bag: Apple secures, Verizon out of copper
-
Frankly, at this point, any sign that Apple takes security seriously is welcome.
-
I wonder how that works for FiOS customers in those states. I’m guessing “landline” here means traditional copper, though they don’t specify.
Grab bag: Information wants to be in a river
-
Nice. A ton of books from the Cornell Library are now on the Internet Archive.
-
The “river of news” (to cite Dave Winer’s long-standing description) is a little too markup heavy to be the Times’s front page–and the picture wall to the right is distracting when you mouse over it. But it’s a big step up from the table-heavy, newspaper manqué layout that it’s an alternative to, and it has one big benefit–fresh news is on the top. I’d like to see other news outlets play with this format.
Grab bag: Humility, utopia, and self control
-
There’s nothing more humbling than watching actual end users struggle with your software.
-
Making a stronger connection between Krazy Kat (“There is a heppy land fur, fur, awaaa”) and the history of African American freedom. I had no idea that the Happy Land was real.
-
The connection between self-control and academic performance: “The child who could wait fifteen minutes had an S.A.T. score that was, on average, two hundred and ten points higher than that of the kid who could wait only thirty seconds.”
-
New Salman Rushdie short story.
-
Incidentally, password-protected ZIP and RAR archives aren’t secure.