| |
I am a hacker and you are afraid and that makes you more dangerous than I ever could be. |
|
Loic Le Meur’s Ten Rules For Startup Success |
|
|
Topic: Miscellaneous |
7:41 am EDT, Mar 13, 2008 |
Included in the article are his ten rules for startup success. Reprinted below. 1. Don’t wait for a revolutionary idea. It will never happen. Just focus on a simple, exciting, empty space and execute as fast as possible 2. Share your idea. The more you share, the more you get advice and the more you learn. Meet and talk to your competitors. 3. Build a community. Use blogging and social software to make sure people hear about you. 4. Listen to your community. Answer questions and build your product with their feedback. 5. Gather a great team. Select those with very different skills from you. Look for people who are better than you. 6. Be the first to recognise a problem. Everyone makes mistakes. Address the issue in public, learn about and correct it. 7. Don’t spend time on market research. Launch test versions as early as possible. Keep improving the product in the open. 8. Don’t obsess over spreadsheet business plans. They are not going to turn out as you predict, in any case. 9. Don’t plan a big marketing effort. It’s much more important and powerful that your community loves the product. 10. Don’t focus on getting rich. Focus on your users. Money is a consequence of success, not a goal.
Loic Le Meur’s Ten Rules For Startup Success |
|
Topic: Miscellaneous |
10:14 am EST, Mar 7, 2008 |
Or: What happens if Billy Dies I had to fill out a document today for work about succession planning. It's humbling, saddening, and yet satisfying all at the same time to know that things can continue if you get hit by a bus. |
|
Topic: Miscellaneous |
10:55 pm EST, Mar 5, 2008 |
While enumerating through all the properties of the window object in IE8, I noticed a couple things. The first was sessionStorage and globalStorage, so IE8 is supporting DOMStorage just like Firefox 2. This is nice, because userData was a pain in the ass to use (though interestingly, fairly secure with its default permissions) I'm still trying to figure out their XDomainRequest. Basically you have code like this:
var xdr = new XDomainRequest();
xdr.open("GET", "http://www.memestreams.net/");
xdr.send();
Instead of XHR's onreadystatechange XDR uses onload and onprogress. The problem is I can't find a working example (As of 10:44pm there are 7 pages on Google to even mention this object. I have confirmed the XDR send out HTTP requests with the header XDomainRequest: 1 and does not send any Cookies. Presumably the website has to respond with a special HTTP header that tells IE8 its ok to bubble the response to JavaScript. Otherwise you could use XDR to fetch contain from any site, though the lack of cookies reduces the chance of this containing sensitive data. In the above example the onprogress or onload events will not fire when I try to send a GET to www.memestreams.net from msblabs.org, most likely because memestreams isn't returning the appropriate HTTP header. Too bad, even without cookies that would have made for an excellent rewrite of Jikto. I don't now what the web server needs to response to. But here is a summary of what I do know: -XDR does not send cookies. Perhaps once the website has "agreed" with IE8 to return content to JavaScript then XDR will send cookies, but I don't know. -XDR includes the HTTP header XDomainRequest: 1 on its HTTP requests -XDR, like XHR, transparently follows redirects. HTTP request to the redirected resource still include the XDomainRequest: 1 header An XDR has the following properties/functions: -onerror -timeout -ontimeout -onprogress -responseText -onload |
|
Topic: Miscellaneous |
9:58 pm EST, Mar 5, 2008 |
Well thats cool, IE8 dims the URL in the address bar gray, expect for the TLD and the first level domain name. See below: Very Cool! Now to see if I can trick it... |
|
IE8 and Standards: Change for the *right* reasons |
|
|
Topic: Miscellaneous |
3:38 pm EST, Mar 4, 2008 |
We’ve decided that IE8 will, by default, interpret web content in the most standards compliant way it can. This decision is a change from what we’ve posted previously.
This is huge. And the correct decision. Bravo IE Team! Why Change? Microsoft recently published a set of Interoperability Principles. Thinking about IE8’s behavior with these principles in mind, interpreting web content in the most standards compliant way possible is a better thing to do. We think that acting in accordance with principles is important, and IE8’s default is a demonstration of the interoperability principles in action. While we do not believe any current legal requirements would dictate which rendering mode a browser must use, this step clearly removes this question as a potential legal and regulatory issue. As stated above, we think it’s the better choice.
[sigh] This statement hurts you. You should do this because its the right thing to do for the Web, not to remove "a potential legal and regulatory issue." or to in accordance with Interoperability Principles (which hopefully weren't discovered solely while writing a 2.6 billion dollar check to the EU). I don't think the IE team wants to make a non-standards compliant browser. Or simply a Silverlight terminal. At least I hope not, and I'm willing to give you the benefit of the doubt (take note Sarah and Andrew). But don't tell us you are doing something because you have to, tell us you are doing something because it makes the web a better place. Doing the right thing consistently helps to reconcile 6 years of neglect far more than upbeat blog posts of questionable accuracy. I'm willing to give you a second look, but make it for the right reasons. IE8 and Standards: Change for the *right* reasons |
|
Way to use that M in DMA! |
|
|
Topic: Miscellaneous |
3:17 pm EST, Mar 4, 2008 |
To use the tool, hackers must connect a Linux-based computer to a Firewire port on the target machine. The machine is then tricked into allowing the attacking computer to have read and write access to its memory. With full access to the memory, the tool can then modify Windows' password protection code, which is stored there, and render it ineffective.
[sigh]. DMA as a malicious vector has been understood for some time now. I point you to the 4 year old presentation 0wned by an iPod. Thus I'm not super impressed by a tool someone wrote in 2006 and sat on for 2 years that unlocks a windows PC over Firewire. Disabling a password is silly when the same vector also grants you the ability to inject malicious code directly into a process. Way to use that M in DMA! |
|
Topic: Technology |
4:55 pm EST, Mar 3, 2008 |
DOMTree.cs Line 84:
/// <summary>
/// recursive helper
/// </summary>
/// <param name="curr">curr DOM tree node</param>
/// <param name="token">Reflection Token</param>
/// <param name="locs">list of current reflections</param>
private void FindTokens(XmlNode curr, string token, ref List<ReflectedLocation> locs, string origParamVal) {
...
if(i <= 0 )
{
//HANDLE CRAP HERE, which I should do, but I don't.
//This is bad. Billy is a slacker.
}
...
}
|
|
Topic: Arts |
6:41 am EST, Feb 29, 2008 |
A statue made from chicken wire looks like a ghost when viewed from a distance.
Now thats just creepy! Very cool effect. Wire Frame Ghost |
|
Replacing people with RSS feeds |
|
|
Topic: Technology |
10:51 pm EST, Feb 28, 2008 |
I've worked with someone in biz-dev for a while where he essentially interfaces with certain large companies and keeps senior management and research up to date on things the companies are working on that impact us. There has been a slow and steady decline in the quality of these reports over the last year or so, to the point this person is literally forwarding me items directly from the company's RSS feeds. ... [sigh] ... So, I conducted an experiment where I subscribed to 3 RSS feeds and kill filed the biz-dev guy. The result? I'm actually receiving *more* up-to-date info then he was providing because I don't have the lag-time while he reformats other people's content into Digest-of-Company-X emails. Granted I'm missing his commentary but thats a trade-off I'm comfortable with. Maybe that makes me rude, but I found a way to save the company $80k a year. Go figure. |
|