A new technique shows resizing of images while keeping the important features of the image undistorted, also allows you to protect or remove part of the image with anything removed being automagically and seamlessly filled in.
Tsudohnimh wrote: I clicked a link for hot judicial action and I got 0wn3d. I'd like to thank the academy, my parents for warping me, Tom and Nick for letting me do this, and my hero Acidus.
OK, let me explain what the story is with this. Its possible to embed a link in a MemeStreams page to /recommend. When people who are logged in click on it, it will automatically post a message to their MemeStream, and then redirect them back to the page they were looking at. Ironically, this tends to result in lots of clicking, as it seems like the browser has done something wrong. If Acidus had really wanted to be nasty he could have included a redundant link in the posts he was adding to your pages to that people who read your MemeStreams would also spread the post. Its like a meme worm.
This is actually a problem that Rattle and I anticipated when we first built this website. We used to have protection in place that prevented this. It worked by checking to make sure that when you submitted a post the referer header in your http request came from /recommend and not some other page. Unfortunately, we ran into trouble with this feature. Some Internet privacy software screens referer headers out of http requests, and so people who used such software were unable to post. After struggling through the process of explaining to a few users how to fix this problem we decided to disable the security feature for /recommend until we had time to revisit the problem. The security feature is still present in /delete and /edit, because we decided that a self propagating MemeStreams Meme was only a bit of an annoyance, but if someone wrote a javascript that wiped out your whole blog that would be a serious problem. This explains why a few of you have trouble editing or deleting posts sometimes.
We have a fix for this problem which is unlikely to cause problems for people running Internet privacy software. Its checked into subversion. However, we haven't shipped it yet because it is boiled in with a bunch of other changes to the UI that aren't quite ready for release yet. We decided it might be fun to go ahead and let Acidus propagate one of these Memes as he uncovered this issue a few weeks back and advised us on how to implement a better fix. I'd like to say that we're shipping this weekend, but I don't think its going to happen. I'm skiing and Rattle is attending Outerz0ne. Acidus is actually giving a talk at Outerz0ne which includes a discussion of this issue, so its not out of the question that you might see a few more people screwing around with it. Fortunately I don't think you can do anything terribly malicious with this. Its all in good fun.
One clever MySpace user looking to expand his buddy list recently figured out how to force others to become his friend, and ended up creating the first self-propagating cross-site scripting (XSS) worm. In less than 24 hours, "Samy" had amassed over 1 million friends on the popular online community.
Basically the worm was XSS embedded in someone’s profile on MySpace. When someone would view the profile, they would execute the Javascript in their own browser. The payload of the XSS was Ajax which would make GET and POST requests to MySpace, adding the XSS Payload to that user’s profile. This spreads the worm!
As with most worms using a new attack vector, this was harmless, adding the message “samy is my hero” to each infected profile along with the XSS payload
Update: Here is the source code of the XSS Payload. I haven't had time to format it properly. I'll do an analysis of it later and post it to Memestreams.
] I was connected via a soldier on Iraq who sent me a ] picture of the radios they are using to set off the ] IEDs. Some of them are using FRS radios (Family ] Radios). The picture I saw was a Motorola TalkAbout ] 5000 (or something like that). ] ] What I did was make a FRS radio connected to a 7 watt ] external amplifier, and with a BASIC stamp controlling ] the main function buttons of the radio. It will hop through ] all 838 possible codes (22 channels, 38 privacy codes) and ] transmit for 1 second on each channel. Hopefully ] setting off the bombs before they drive through.
Very interesting. There is a picture of a nokia phone that someone has attached a small circuit board to. I assume the voltage for the ringer switches a relay that trips the explosive. Pretty tech savvy for an islamist fundi. They should find one of these guys for make magazine. :)
Freedom to Tinker: Why Use Remotely-Readable Passports?
Topic: Technology
10:04 am EDT, Apr 15, 2005
] Regarding bags that block radio signals; we (me, ] colleague who shall remain nameless) tested this with our ] building access cards and our cell phones. An anti-static ] bag for computer chips was demonstrated to NOT block the ] signals. However, an (aluminized) anti-moisture bag for ] corn chips (specifically, Fritos) successfully ] deactivated both my cell phone (GSM) and my access card, ] even pressed directly against the reader. ] ] It is a small help to know that effective RF shielding is ] available in many snack vending machines, and that the ] shield itself is a mundane enough item that it will not ] attract attention.
Pringle's cans and Fritos bags!
Aluminum-lined junk food packaging: It giveth the signal, and it taketh it away.
I'm sure I saw this when it came out, but its a good hack. The glow from your monitor can probably be seen out of your window. If you slowed things down really slow it wouldn't appear as a glow, but rather a strobe, as the electron gun in your monitor sweeps across rows of phosphorus. If you recorded the flashes, and knew the rate at which the gun was sweeping, you could reproduce the image displayed on the screen. Nice...
