I am a hacker and you are afraid and that makes you more dangerous than I ever could be. |
|
Topic: Miscellaneous |
10:40 am EDT, Aug 25, 2009 |
It's not every day you get to see a dead man walking, let alone two. Of course, I much prefer this type of Dead Man Walking |
|
Foreign Policy: The Land of No Smiles |
|
|
Topic: Miscellaneous |
11:03 am EDT, Aug 24, 2009 |
Renowned documentary photographer Tomas van Houtryve entered North Korea by posing as a businessman looking to open a chocolate factory. Despite 24-hour surveillance by North Korean minders, he took arresting photographs of Pyongyang and its people—images rarely captured and even more rarely distributed in the West. They show stark glimmers of everyday life in the world’s last gulag.
The land where it's illegal to smile at a camera. Foreign Policy: The Land of No Smiles |
|
Annoyance of the Month: SwitchProxy |
|
|
Topic: Miscellaneous |
9:19 am EDT, Aug 24, 2009 |
SwitchProxy still does not work with Firefox 3.5. This is getting unbearable. Anyone else have a Firefox Add-on that they use to manage proxies? I don't need anything that scrapes "anonymous proxy" (aka hacked boxes that sniff traffic) lists. I just need a simple "use the proxy" switcher where I can quickly change proxies from the browser toolbar without any dialog boxes. Any ideas? |
|
Cross Domain Demo Parent Page |
|
|
Topic: Miscellaneous |
9:10 am EDT, Aug 24, 2009 |
One way of doing cross domain communication is to have a parent page in one domain and an embedded iframe pointing to another domain. The two domains can both access the fragment of the URL that specifies the location of the iframe. Thus you can use iframe fragment identifiers for cross domain communication. Typically this is done by both sides polling the URL of the iframe using setTimeout() and looking for messages. This adds a lot of latency and introduces race conditions where messages can get clobbered.

[aside] I looked into using this for Jikto to communicate with its UI. However, Jikto only required a very primitive "UI to scanner" interface (namely, "start" and "stop") while it had a widely used "scanner to UI" interface to bubble out URLs that had been scanned, vulnerabilities that it had found, debugging information, and status/progress messages. Instead I used JavaScript's native Image object to make throwaway, blind GETs to send the data to a web backend that the UI pulled from. If the improved method below had been available I would have used it and bypassed the server-side data store requirement completely. [/aside]

The linked demo page shows a very cool improvement to the iframe fragment communications channel method. Instead of polling, it uses onresize to interrupt the opposite side and ensure the message is acted on immediately. More here at Ajaxian

Cross Domain Demo Parent Page |
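
An added example, not code from this post, from Jikto or from the linked demo: a DOM-free JavaScript model of the polled fragment channel that shows how messages get clobbered and how sequence-numbered frames with an acknowledgement detect and avoid it. It does not implement the onresize technique; every name (FragmentSlot, encodeFrame, PollingReceiver, runNaive, runAcked) is hypothetical and the sample messages are constructed.

```javascript
// Added model (no DOM): the fragment is a one-slot mailbox. All names are hypothetical.
const SAMPLE = ["scanned: http://example.test/a#top", "status: 50%", "vuln: http://example.test/b?id=1"]; // constructed
class FragmentSlot {
  constructor() { this.hash = ""; }
  write(value) { this.hash = "#" + value; } // a write replaces the old value
  read() { return this.hash.slice(1); }
}

// Frame format "<seq>:<percent-encoded payload>" lets the reader see gaps.
const encodeFrame = (seq, payload) => seq + ":" + encodeURIComponent(payload);
function decodeFrame(raw) {
  const m = /^(\d+):(.*)$/.exec(raw);
  if (!m) return null;
  try { return { seq: Number(m[1]), payload: decodeURIComponent(m[2]) }; }
  catch (e) { return null; } // malformed percent-encoding
}

class PollingReceiver {
  constructor(slot) { this.slot = slot; this.lastSeq = 0; this.received = []; this.lost = 0; }
  poll() { // what each setTimeout() tick would do
    const frame = decodeFrame(this.slot.read());
    if (!frame || frame.seq <= this.lastSeq) return; // nothing new
    this.lost += frame.seq - this.lastSeq - 1;        // frames overwritten unseen
    this.lastSeq = frame.seq;
    this.received.push(frame.payload);
  }
}

// Naive sender: several writes land between two polls, so only the last survives.
function runNaive(messages) {
  const slot = new FragmentSlot(), rx = new PollingReceiver(slot);
  messages.forEach((msg, i) => slot.write(encodeFrame(i + 1, msg)));
  rx.poll();
  return { received: rx.received, lost: rx.lost };
}

// Acked sender: writes the next frame only after the receiver echoes the previous seq.
function runAcked(messages) {
  const toRx = new FragmentSlot(), toTx = new FragmentSlot();
  const rx = new PollingReceiver(toRx), queue = messages.slice();
  let seq = 0, ticks = 0;
  const acked = () => Number(toTx.read() || 0);
  while (queue.length || acked() < seq) {
    if (acked() === seq && queue.length) toRx.write(encodeFrame(++seq, queue.shift()));
    rx.poll();
    toTx.write(String(rx.lastSeq)); // acknowledgement through the reverse fragment
    ticks++;
  }
  return { received: rx.received, lost: rx.lost, ticks };
}
```

The acknowledged variant delivers everything but costs one poll interval per message, which is the latency the post describes.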
|
Suspect in model's murder found dead in Canada - CNN.com |
|
|
Topic: Miscellaneous |
11:36 pm EDT, Aug 23, 2009 |
Fiore's body was found Saturday in a Dumpster behind an apartment complex in Buena Park, just outside Anaheim, California. Her teeth had been extracted and fingers removed in what police said was an apparent attempt to conceal her identity. Law enforcement sources told CNN Fiore was identified through the serial numbers on her breast implants.
About a month ago, Lord Tivo (PBUH) willed me to start watching Bones. It's not as good as Law and Order (understandable really, you ain't gonna beat a show with Jack McCoy) but it's a solid show. This news story sounds like a typical episode. Suspect in model's murder found dead in Canada - CNN.com |
|
Carsonified » 10 Vital Lessons for Web Start-Ups |
|
|
Topic: Miscellaneous |
5:52 pm EDT, Aug 20, 2009 |
This summer we launched Perch as a side project from our web development agency, edgeofmyseat.com. Perch is a really little content management system aimed at web designers who want to enable their clients to update their own site content. As this is our first product (we normally work on website projects for design agencies), there were quite a lot of new things for us to learn. In this post I’ll cover some of the things we’ve learned along the way. Whilst the same lessons won’t apply completely to every situation, they’ll be interesting to anyone thinking about launching a web app.
These rules really apply to any startup. Carsonified » 10 Vital Lessons for Web Start-Ups |
|
Topic: Miscellaneous |
1:43 pm EDT, Aug 20, 2009 |
Anyone else feel dirty saying "Idempotence"? |
|
Topic: Miscellaneous |
1:35 pm EDT, Aug 20, 2009 |
From: Hoffman, Billy
Sent: Thursday, August 20, 2009 10:26 AM
To: Sima, Caleb
Subject: RE: Real world flash

RAINBOWS!!!!!!!!!!!!

-----Original Message-----
From: Sima, Caleb
Sent: Thursday, August 20, 2009 1:26 PM
To: Hoffman, Billy
Subject: RE: Real world flash

huh?

-----Original Message-----
From: Hoffman, Billy
Sent: Thursday, August 20, 2009 10:19 AM
To: QM Security-Labs; Salazar, Oscar
Subject: Real world flash

test http://www.kidlandia.com/map.aspx?MODE=Personalize&MAPID=2C55D453

Billy Hoffman
--
Manager, Web Security Research Group
HP Software
Direct: 770-343-7069
Update: You get a lot of crap when you use a magical fairy wonderland as a test case. What the bug is in what? Just Fix it already! |
|