Author Archives: admin

Helping fix Firefox and adapting to it at the same time

Hank Williams over at Why does everything suck? wonders how to best report an obscure and weird browser bug. He’s got the right idea: save a static copy of the HTML, JavaScript, and CSS, and then strip out everything unrelated until you have the minimal chunk of code required to duplicate the bug. You can speed this up by making an educated guess at which code is related, and doing a binary search from there. Include the minimal test case with the bug report, and the Firefox (or WebKit) team will love you for finding a test case for such a wacky, rare bug.

I’ve done this a few times for Mosuki, and each time, I discovered a workaround before I got to reporting the bug. Each time, the bug was either the result of a interaction between components I thought were unrelated, or I found some other method of achieving the same result that didn’t trigger the bug. (Of course, it was usually an Internet Explorer bug that I was fixing, so there was no way to report the bugs.)

“That’s a Hezbollah flag.”

A reporter at The Atlantic makes a mockery of the TSA and airport security, with help from Bruce Schneier.

All your neighborhood are belong to us

A mapmaking firm is suing to keep your neighborhood boundaries out of the public domain.

Noe Valley bloggers wonder where their neighborhood is, exactly… they should check The Neighborhood Project.

He’s good enough for me.

Hilarious matching Barack Obama bumper stickers:

Either way, judging from the content of his character, he’s got my vote. (via Ross and GOMI style)

While you’re giggling, a donation couldn’t hurt.

HttpOnly cookies in Python & Pylons

Thanks to Jeff Atwood for posting about the benefits of the HttpOnly flag on cookies. Support for HttpOnly cookies has now been added to Python 2.6’s Cookie module, and Paste’s WSGIResponse. Pylons applications can now use the HttpOnly flag to protect cookies, significantly raising the bar against XSS attacks on users of those applications.

Latest versions of Firefox, Opera, and Internet Explorer already support HttpOnly. Now all that’s left is for Apple to fix CFNetwork to support HttpOnly and then WebKit/Safari will be able to support it too.

Mute magazine’s dymaxion map

Mute magazine’s metamap, based on Buckminster Fuller’s Dymaxion Map, was a catalog of global surveillance phenomena and technology completed on September 11th, 2001; thus it was obsolete the day it was released. It’s still pretty cool, though:

PDF here.

glibc and shit

Ted Dziuba publishes the best diagram of Google Chrome yet:

Rebuild mail-notification to support SSL under Ubuntu/Debian

Because of a four-year-old disagreement on the legal interpretation of the GPL and OpenSSL licenses, Debian is shipping a neutered and useless version of mail-notification without SSL support. Ubuntu hasn’t resolved the issue, so they’re shipping the same broken package too. People arguing about why they can’t fix bugs bores me. So here is a script to download the source packages, and rebuild them with SSL enabled. It even bumps the version number so that the package manager doesn’t try to overwrite your working package with the broken one in the repository. It also keeps track of the (on my system) thirty-seven megabytes of build dependency packages that it installs and removes them once the package is installed.

Continue reading →

Real change

Hendrik Hertzberg paraphrases Bob Kuttner on Barack Obama:

[Obama’s] character and talents—in combination with the manifest failures of conservative rule and the manifold crises it has created, exacerbated, or ignored—give him a fighting chance to lead the country into a deep and lasting era of positive change.

He also links to More Evidence of a Sustained Progressive Revival.

Google Chrome

Google makes it really difficult for me to to keep thinking of them as the new evil empire when they release things like Google Chrome, and say things like “we need the internet to be a fair, smart, safe place.”

A browser with a “privacy mode” where “nothing that ever occurs in that window is ever logged onto your computer?” Where do I sign up? I’m ready to throw away my separate Firefox profile just for guests and browsing XSS-vulnerable sites like MySpace.

One question: do Firefox employees still get to ride the Google bus to work for free? I hope so.

glyphobet • глыфобет • γλυφοβετ

musings over a tuna fish sandwich