Firefox 3 honouring MSIE security zones, downloads blocked

A few weeks ago my wife complained she couldn’t install software on her Windows XP laptop any more. When double-clicking the downloaded application, she got the error message “This is not a valid win32 application”.
Earlier today I had the same problem when trying to install PuTTY, so I tried downloading the file again and noticed the following error in my Firefox download manager:

This download has been blocked by your Security Zone Policy

(or “deze download is geblokkeerd door uw beleid voor beveiligingszones” in Dutch)
After having frantically searched for “Security Zones” in Firefox’s own configuration screens, I turned to Google, only to find out that this setting is actually managed in the MSIE configuration UI. So to allow Firefox to download executables, I have to change the MSIE configuration (which I did)? Weird, to say the least.

SP.Anciaux; the party puts up a fight

So Caroline Gennez and den Baard dropped the “Party” from sp.a in order to bring in a handful of “Progressives”, and are now surprised that the party is fighting back? Perhaps they have similar plans for the “a” in the name; a handful of ACW members, former Agalev members and other Alternative types are no doubt jostling to get a letter of their own too.
Such minimalist broadening operations offer little added value, however. On the contrary, this way the sp.a loses even more of its identity. And isn’t that vague positioning precisely one of the reasons for the poor results in the 2007 elections and in the opinion polls?
May I therefore make a counter-proposal? Drop that outdated “a” and, as the SP (“Socialist Party”, or “Socialist Progressives” if you really insist, as long as it remains “Socialist”), mount hard opposition against the socio-economic policy of this government. If Johan, Caroline and Bert can’t get behind that, they are welcome to take a step back. Then, as far as I’m concerned, one old bulldog or another may come out of his kennel for a while.

Browserless twaddle; Facebook plugin for Pidgin

If you’re using Facebook, you’ve probably already tried out its chat functionality. Yet another browser-based chat, only available when on Facebook, right? Except there’s this great plugin for Pidgin, the open source, cross-platform, multi-protocol IM client. Just add Pidgin-facebookchat to your plugins and you can chat with your Facebook friends the same way you chat with all your Google Talk, MSN or AIM buddies. Nice work, guys!

And for the Twitter-loving Pidgin users: maybe this Twitter plugin works for you?

WebApp Security is mandatory (even for spammy virals)

I just received a mail from Frank Goossens. I’ve apparently invited myself to view “an adorable Christmas card” containing “warm wishes”. Moreover, I tried to guilt-trip myself into forwarding that same card to friends and family, as that simple gesture would provide the poor with (unhealthy fried) food for the Poverello Christmas dinner.
In general I don’t like virals, but I was curious to find out whether Agency.com had just spammed me or whether someone had (ab)used my name and e-mail address to bug me. So I clicked the link, told NoScript to trust the (Flash) site temporarily, and looked at the Firebug output while testing the application and tinkering with some of its URLs.
The results:

  • One can tweak the system so that the “message” contains links and images (lesson 1: do not rely solely on client-side validation in Flash or JavaScript)
  • Going one step further, you can also insert JavaScript into that message. That code isn’t executed inside the Flash e-card, but assuming there is a plain HTML back-end (there always is, for reporting or export purposes) it’s trivial to sniff the back-end URL and steal the session cookie as soon as someone accesses a page which contains that message. The URL and session cookie can then be used to gain access to the admin site (lesson 2: render all user-submitted data harmless before storing it in the database; use an HTML filtering component if need be)
  • It’s trivial to abuse this system to send spam with 1 automated GET request per 5 recipients (lesson 3: think about how your system can be abused and try to harden it accordingly)
  • It’s really easy to “harvest” all 48.000 names, e-mail addresses and messages sent (lesson 4: auto-numbers are a bitch)
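The four lessons above, worked out as server-side code for a hypothetical “send an e-card” back-end. This is an added example, not the viral’s own code; all names (create_card, sanitize_message, the in-memory card store) are assumptions made for the illustration.

```python
"""Server-side hardening for an e-card style "send to a friend" form.

Added example for the lessons above; not the e-card site's own code.
All names are hypothetical and the card store is an in-memory dict.
"""
import html
import re
import secrets
import time
from collections import defaultdict, deque
from typing import Optional

EMAIL_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")
MAX_MESSAGE_LEN = 500
MAX_CARDS_PER_WINDOW = 10    # cards one sender address may create per window
WINDOW_SECONDS = 3600

_cards = {}                  # card id -> stored card
_sent = defaultdict(deque)   # sender -> timestamps of accepted requests


def sanitize_message(raw: str) -> str:
    """Lessons 1 and 2: validate on the server and store the message in a
    form that is inert wherever it is rendered, including the admin back-end.
    Escaping rather than stripping turns "<script>" into literal text."""
    text = raw.strip()[:MAX_MESSAGE_LEN]
    return html.escape(text, quote=True)


def _allow_send(sender: str, now: float) -> bool:
    """Lesson 3: a crude sliding-window limit per sender address."""
    q = _sent[sender]
    while q and now - q[0] > WINDOW_SECONDS:
        q.popleft()
    if len(q) >= MAX_CARDS_PER_WINDOW:
        return False
    q.append(now)
    return True


def create_card(sender: str, recipient: str, message: str,
                now: Optional[float] = None) -> Optional[str]:
    """Return the new card id, or None when the request is rejected."""
    now = time.time() if now is None else now
    if not (EMAIL_RE.match(sender) and EMAIL_RE.match(recipient)):
        return None
    if not _allow_send(sender, now):
        return None
    # Lesson 4: an unguessable id instead of an auto-number, so card URLs
    # cannot be walked sequentially to harvest every name and address.
    card_id = secrets.token_urlsafe(16)
    _cards[card_id] = {"from": sender, "to": recipient,
                       "message": sanitize_message(message)}
    return card_id


def get_card(card_id: str) -> Optional[dict]:
    return _cards.get(card_id)
```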

Ladies and gentlemen, marketeers and ad-agency account executives: do not think that virals, mini-sites and e-cards aren’t susceptible to hackers. You should consider web application security a mandatory feature! Unless, of course, you have an unstoppable urge to gift-wrap your (or worse, your customers’) data and hand it out to spammers and hackers.

Firefox 3.1; Mozilla Corp’s answer to Google Chrome

Firefox 3.1 is just around the corner and I’ve been using the betas for a couple of months now, but I didn’t really feel the urge to write about it until now. But with things heating up between Google Chrome (already out of beta!), Safari and Firefox, and with new versions of MS Internet Explorer and Opera in the making as well, one can’t really stay indifferent, I guess?
First off, a non-exhaustive list of changes:

So if Firefox 3.1 performs that well in SunSpider, does it really feel that much faster as well? To be honest, it doesn’t. Or at least, it didn’t at first. But here’s a tip: if you’re a bit like me you’re bound to have a lot of extensions installed (and disabled and uninstalled and not compatible and …), you might have some forgotten tweak in your about:config and you probably have huge history and bookmark databases. In that case do yourself a favour and start from scratch with a new profile, and Firefox 3.1 will truly fly.
Of course not all is perfect. I don’t like the fact that tabs regularly get moved to a window of their own inadvertently. And Flash still crashes Firefox all too often; Firefox really needs something like the process isolation in Google Chrome and MS IE8’s loosely coupled IE, but that might be more than just a small change request.
All in all, with Firefox 3.1 the Mozilla-folks seem to have almost everything to fight the new kid in town. You can download the latest beta here and test for yourself. Let those browser-wars rage!

Free your content now!

Bert Van Wassenhove considers RSS to still be “a diamond in the rough” which has not yet been picked up by the mainstream public. The reason for this, according to him, is that:

[Newspapers] copied their paper/website logic to RSS feeds without adapting it to the medium. As a result, you get long lists of news articles with no difference between front-page news and a small article at the back of the newspaper.

To solve this problem, he proposes that editors (also) offer a “front-page feed”, which would contain only the most popular (automatic) or most important (hand-picked) items.
Not a bad idea at all (are you listening, deredactie?), but even more important: shouldn’t news websites start treating RSS as a publication channel in its own right, containing the entire article (and why not even enclosures for AV material)? Because expecting me to click through, seriously?

RSS-feeds can indeed be a great way for readers to focus on content, without the overhead of the “normal” website-context. Heck, I’d even accept some text-ads and links to related items in there if need be. Publishers will sooner or later really have to let go of the concept of their (semi-)walled garden as the only place where visitors are allowed to consume their content (as they had to let go of the paper-only distribution-model). Focus on reach (“content views”) instead of pageviews, allow your readers to decide in which context the content is consumed (think rss-reader, think syndication, think mash-ups, …)!
I happened to stumble across this full atom-feed for deredactie.be, containing entire articles and enclosures for images, audio and video and it’s just great! I’m sure it could help info-overloaded users to keep more up-to-date with the news and that an official (because this one isn’t) full feed from deredactie could massively improve the reach of the great VRT nieuwsdienst content (according to CIM they’re really not doing that great when compared to the competition).
So, let me quote Bert; “Mr. editor in chief, please help RSS to become the success it deserves to be” and I’ll happily add “Set your content free!” to that.

Joikuspot connection problem with Ubuntu Linux

This weekend I had to resort to Joikuspot (software that turns your 3G cellphone into a wireless gateway to the internet) for my web needs. Because I encountered a few problems setting up a connection from my Ubuntu laptop, here’s a quick recap for documentation’s sake.
The rather fundamental issue was that I couldn’t get my computer (a Dell D620 running Ubuntu 8.04 with the iwl3945 driver) to join the ad-hoc wifi network which Joikuspot (on a Nokia e61i) created. As connecting from my wife’s Windows XP laptop did work, I googled around a bit and it turned out I had to specifically set the channel used by Joikuspot to 1 or 6 instead of “automatic” or 11. Although NetworkManager still seemed confused, this did allow me to connect from the command line (disabling wireless networking in NetworkManager first and then using iwconfig and dhclient). But why joining an ad-hoc wifi network on channel 11 doesn’t work in Ubuntu, that I still don’t know.
Once connected to the wireless network, I found out that Joikuspot Light requires your browser to auto-detect a proxy. The proxy in Joikuspot seems to be used to limit the functionality of the free version and gently push you towards the non-free Premium product. As my normal web-connection came back soon after I figured this out, I didn’t bother to test if I could tunnel my way out of those limitations. But crippled or not, Joikuspot is great to have around when your broadband connection is down.

“Lifestreaming, across my universe”

Lifestreaming is where it’s at, so here I am, aggregating all my stuff (Google Reader shared items, my YouTube clips and favourites, my Facebook status and my blog posts) into one place. I tried sweetcron a couple of weeks ago, but for some reason it didn’t feel “ready” yet (or maybe I didn’t want to invest too heavily in it). I recently installed a simple WordPress plugin which seems to be doing the trick very well. Sweet indeed!
Next up: something to handle multi-language blogging a bit better, but now for something completely different (The Firm, Star Trekkin’ on YouTube):

The Firm - Star Trekkin'

My Nokia e61i really isn’t just a phone

With all the continuous iPhone 3G and HTC Touch buzz, one would almost forget how much truly awesome software there is out there for Symbian-based handsets.
Just look at my Nokia e61i: it’s not just a phone, but also:

To be completely honest, except for MfE and the browser I don’t use all of this on a daily basis, but I can assure you that just calling someone on the phone works swell as well 😉