-
Interesting critique of the "speech bubble" treatment in the dashboard. I've always thought it's an effective way to highlight something happening in a hidden part of the interface — look over here! I have x things to show you! — but the comic is right, the metaphor is awkward.
-
"The worst thing that can happen at a convention is that it can in fact turn into an actual decision-making convention. The worst thing that can happen at a convention is that it can be real. That is almost always a harbinger of bad things to come."
-
?.jpg for fun and profit.
-
Neal Stephenson goes Gene Wolfe? There's more than a little sense of some of the deep wordplay that characterizes Wolfe's speculative fiction in this dictionary excerpt. Should be fun.
-
Iterative testing uncovers XSS vulnerabilities in the default ValidateRequest filters in ASP.NET AND identifies HTML interpretation bugs in IE7 that are fun and entertaining. Remember, kids, always {canonicalize and whitelist your inputs|whitelist and encode your outputs|avoid IE}.
Category: linkblog
links for 2008-08-19
-
Partial release notes for new Delicious 2.0 features.
-
"I don't care how many movies are available to me. As my personal taste as a customer, I want to watch the new stuff so whether we have 10,000 movies or 200 movies doesn't matter …" Blockbuster CEO Jim Keyes, meet the Long Tail.
-
Interesting roundup of SSH clients currently in the App Store for the iPhone. So you can interrupt a phone call to restart your servers (or vice versa).
-
A welcome reversal–but there's no definitive word that the MBTA won't pursue further chilling actions, nor that they will actually fix the broken system.
-
In a list of possible Republican VP candidates: "Connecticut Sen. Joe Lieberman, the Democratic vice presidential prick in 2000 who now is an independent." Heh.
-
Dave sez, let's stop splitting hairs and look at the real choice before us.
-
For those occasions when it's after midnight, the network guy at the motel has gone home, and the router craps out…
-
Reasons to love Harper's Weekly: their version of the story reads, "Nils, who shat himself during the ceremony, was, read the proclamation from King Harald the Fifth, 'in every way qualified to receive the honour and dignity of knighthood.'"
-
Toys and tools released at DEFCON. If you don't know what a VOIP fuzzer is, you probably won't enjoy this list.
-
Rand's latest kind of unifies GTD with Steven Covey's stuff. Interesting read.
-
You know, maybe we shouldn't be allowing just anybody to have student names and birth dates without proving that their sites are secure. I'm just sayin'.
links for 2008-08-18
-
The hypothesis is that In-Q-Tel's investment in application security technology is how we're going to get our cyber security problem addressed.
-
Good resource on early English type.
links for 2008-08-16
-
Fuzzing tools vs. static analysis. The false positive problems of static analysis are highlighted.
Grab bag: McCain, solar, Julia, make, code
-
McCain: against net neutrality, pro copyright extension, all by “tweaking” the Internet infrastructure. Not a net candidate.
-
Interactive tool allows you to draw a solar array and your energy bills, then do the cost-benefit calculation.
-
We knew she worked for OSS but not what she did. It’ll be interesting to find out whether she was office based or field based.
-
JP lifts the cover on his new TV gig.
-
Apparently, coding Notepad replacements is the new coding blogging engines.
Grab bag: Cyberwar, MBTA are morons, free licenses upheld
-
Peter Holsapple talks about the difference between cutting demos for the dBs in the early 80s and doing it with ProTools today.
-
Precedent setting move that interprets “free licenses” as setting conditions on the use of copyrighted work–if you violate the conditions, you’re guilty of infringement. Clear and unambiguous and very important.
-
That’s a sad day.
-
The confidential recommendations to the MBTA made public. If there were any doubt of the MIT students’ intentions, this paper should clearly show that they were trying to help.
-
Not only does the MBTA not understand security or the First Amendment, they published the secret that the MIT researchers were trying to help them to keep.
-
An interesting alternative to grilled pizza.
-
“The idea of there being these two separate things has to be forced away from our thinking. They are one team, which produce one product. Stick their desks together and see what happens.”
-
I wonder what the looming prospect of “real” cyberwar does to responsible disclosure and other cherished security research principles.
Real artists: ship, rip 78s, slow-cook beans. Pick one.
-
3,739 MP3s from 78s. Start grabbing ’em before the RIAA hits him. Oddly, “Aba Daba Honeymoon” was one of the songs my Aunt Marie requested in hospice, and we couldn’t find it except on Youtube.
-
A commercial company’s ability to innovate is inversely proportional to its proclivity to publicly release conceptual products–Kontra’s Law. AKA “Real artists ship.”
-
It makes sense. If you can predict hot products by watching search trends in cyberspace, you ought to be able to predict shooting wars by looking for politically motivated DDOS attacks.
-
An argument for soft-cooking green beans sounds pretty good to me.
-
A thorough review of McCain’s abortion voting record, public statements, and recollections of political acquaintances confirm his hardline pro-life stance.
Security: information, MBTA, geopolitical
-
Russia vs. Georgia = The return of military geopoliticism.
-
More Black Hat/Defcon fruit–spoofing HTTP 301/302 to force a customer to downgrade an HTTPS session for the purpose of stealing cookies.
-
Chandler makes it to 1.0. Dreaming in code no longer?
-
Orwell’s six rules for clean, strong English: avoid stale figures of speech; favor short words where possible; cut words where possible; prefer the active voice; English over loanwords and jargon; and break these rules to avoid outright barbarism.
-
“What this talk is not: Evidence in court (hopefully).” MIT students talk about security problems in the MBTA, including Charlie Cards; media howls OMG MIT HAXXORS. How about OMG MBTA SUXXORS??
Security, privacy, fatuity, and parody
-
Amanda Palmer meets Feist.
-
Man. I wish we had known about this option eight years ago in our first floor apartment at Worthington Place. Those privacy screens we ended up using were dangerous.
-
Ironic, isn’t it, that it’s the middle class self made man being painted as elitist by the wealthy man from a wealthy family who owns his own private jet and owns six houses.
-
Oh for God’s sake (redux).
-
Krugman’s take on the Republican strategy for the election: simple answers for complex problems, and to hell with the facts.
-
Getting around memory protection safeguards in Vista and Windows Server 2008 undoes a lot of the work that Microsoft did to guard against exploitable buffer overflows. This is A Big Deal, particularly if it’s as reusable as Dino Dai Zovi claims.
-
Followup to yesterday’s “killswitch” file. This is a list of applications that are forbidden to use Core Location, not a full-on killswitch. Still an interesting design decision, and one I wouldn’t want to explain to developers.
-
Here’s the list of 2.6.1 bugfixes. I don’t see anything about the nasty admin login cookie issues that bit all those of us who upgraded to 2.6.
Money, money, and security
-
The best lesson I ever learned from Ken Morse and his classes: Cash Flow Is More Important Than Your Mother.
-
What Microsoft thinks about possible security issues with WCF (and to an extent .NET by extension).
-
For all those people who miss the Swarovski crystals on their iPhone, this $999.99 iPhone app might do the trick.
Onegin reviews and other musings
-
A different sort of review, but how many pro reviewers get compliments on their hair from the diva at the end of the night?
-
“The virtues of Saturday’s extraordinary concert performance of “Eugene Onegin” by the Tanglewood Music Center Orchestra began with its cast. … The brilliant Tanglewood Festival Chorus gave voice to the opera’s various peasants, maidens, and partygoers. The ovation at the end was enthusiastic and long-lasting.” And Renée Fleming was pretty darned good too.
-
The free track from the new Eno/Byrne collaboration is up, sounding almost, but not completely, unlike “My Life in the Bush of Ghosts.”
-
I think this is the solution to my music library storage problem: rack a bunch of these together and label the doors. Now: table, wall, or on a stand?
-
“During some gossipy interjections, the Tanglewood Festival Chorus showed rare disunity.” ORLY? I would have said we were awfully unified, just without the precision of diction that we usually bring.
-
“There was a lot to relish in ‘Onegin.’ … Too bad this performance will never be heard again. It will live on in memory.”
-
“Sir Andrew Davis … stood in for Levine, earning thanks for a fine job. He doesn’t create the buzz and excitement that Levine does, but he’s only human, and it’s beginning to look as if Levine is something more.”
Upholding and reporting, bizarro style
-
On the Fourth Amendment and its "chilling effect" on government. Well, duh.
-
That ridiculous article about whether Obama wasn't fat enough to be electable, with all those interesting quotes from Hillary supporters? Turns out the reporter trolled for the quotes with a Yahoo! message board post.
Colic, anthrax, and presidential avoirdupois
-
It's incredible after all this research that the best medicine can tell us about colic is to teach the baby to soothe itself.
-
Oh for God's sake.
-
Non-closure closure for the big post-9/11 mystery. If this is true, it suggests that fear itself was our worst domestic enemy after the 9/11 attacks.
-
Twitter had a cross site request forgery vuln.
-
And it's about damned time, too. Fixes both the DNS vulnerability and the AppleScript ARDAgent vulnerability, as well as a host of others. Apple: What took you so long????
Personal wikis, and other diversions
-
Sample end-to-end .NET/WCF application
-
A simple personal wiki engine.
-
MediaWiki isn't the easiest to install wiki software out there, but it's still (for my money) the best. A quick personal setup guide for running it on a Windows XP box.
-
It's interesting to see the ranks start to crumble.
links for 2008-07-31
-
They’re back! And they’re unleashed on the App Store!
-
Why do we assume that our software is secure?