Tech

Tech-focused ramblings. Computers, blogs, and whatever else fits.

Ecto for Windows

by

A few months ago Alex Hung, one of the regulars in the TypePad User Group, announced that he was working on a Windows-based application for posting to TypePad and MovableType-based weblogs that he was calling TypeWriter. Not being a Windows user I didn’t have a lot of use for this, but I watched his progress as he posted updates on his project in the forums.

Earlier this week, Alex, Adriaan Tijsseling, and Joi Ito jointly announced that they have joined forces, and TypeWriter has now become Ecto for Windows.

Congrats to all involved!

(via Boing Boing)

Solutions for MP3Concept

by

Another thing I like about the Mac community — there are a lot of very intelligent and creative people in it. Scant days after the proof-of-concept MP3Concept ‘trojan’ caused such a brouhaha in the Mac community, various approaches to dealing with the potential vulnerability are appearing. MacFixIt highlighted two very interesting techniques today.

First, Rick Bargerhuff has created a small AppleScript Folder Action that will scan for potential exploits using the MP3Concept technique:

The Folder Action will check any files or folders to see if a file’s name- extension corresponds to the file’s Type and kind. If it does not meet this criteria, the script asks the user if they want to quarantine the file. If the file does not have an extension and the file’s type and kind indicates it is an application, the script acts as if the file did not meet the criteria. If the user chooses to quarantine a file, the script creates a folder named ‘Quarantined’ which is created inside the directory the Folder Action is attached to. More info is available in the read me.

Secondly, Jack Pate suggested the simple approach of restricting application launch privileges to the system’s Applications folder, so that any application (and hence, any trojan) outside of the Applications folder simply won’t be able to launch and potentially wreak havoc with the system.

To nip this while thing in the bud, simply change the “limitations” of all your users to only applications in the Applications folder (and OS9 Apps, if applicable. . . ). It’s is an easy ‘check-box’ setting, and should TOTALLY eliminate the threat, because it would prevent any executable code from being run outside these apps, while still allowing .sit files to open normally and EVEN ‘real’ MP3 files, because it would be launching a qualified app in the approved folder to play it.

Good solutions, both of them, especially when used in tandem.

iTunes: “Keep Yourself Alive” by Queen from the album Queen (1973, 3:46).

First OS X exploit: Concept

by

One of the (many) nice things about being a Mac user is our general invulnerability to the multitudes of viruses, trojan horses, and other exploits that threaten the ‘net on a regular basis. So it’s no wonder that the Mac world is all a-tizzy over anti-virus company Intego releasing news of what appears to be the first Mac OS X trojan horse, wrapped inside an apparent .mp3 file.

This Trojan horse, MP3Concept (MP3Virus.Gen), exploits a weakness in Mac OS X where applications can appear to be other types of files.

The Trojan horse’s code is encapsulated in the ID3 tag of an MP3 (digital music) file. This code is in reality a hidden application that can run on any Macintosh computer running Mac OS X.

Mac OS X displays the icon of the MP3 file, with an .mp3 extension, rather than showing the file as an application, leading users to believe that they can double-click the file to listen to it. But double clicking the file launches the hidden code, which can damage or delete files on computers running Mac OS X, then iTunes to play the music contained in the file, to make users think that it is really an MP3 file . While the first versions of this Trojan horse that Intego has isolated are benign, this technique opens the door to more serious risks.

As it turns out, there are some mitigating factors to this announcement that Intego either didn’t know about, or deliberately chose to ignore in their press release that haven’t been as widely reported, and really should be.

First off — and most importantly — yes, this should be taken seriously, as it does appear to be a very possible source of attack against OS X.

However.

This does not appear to be evidence of someone actually attempting to release a malicious attack into the wild.

Dori Smith was kind enough to point out this usenet thread from comp.sys.mac.programmer.misc where the possibility of this exploit was first broached. During the discussion as to whether or not this was a real possibility, one of the people involved took it upon themselves to create a benign proof-of-concept.

This proof-of-concept seems to be what Intego found, and then proceeded to craft an accurate, but very alarmist press release around. While the concept definitely seems to be sound, and is something that OS X users should keep in mind when accepting files from untrusted sources, there does not appear to actually be a malicious attack of any sort currently propagating across the ‘net aimed at OS X users, now matter how much FUD Intego puts into their Security Alert.

As always, while it’s still very true that OS X is a far more safe and secure system than Windows, no system is entirely safe, and the user has to accept some amount of responsibility for their actions.

iTunes: “Gutter Glitter” by Switchblade Symphony from the album Gothik (1995, 3:50).

iChat just went bye-bye

by

That was more than a little odd. I was just in a conversation with Phil, and wanted to blog some of it. Normally I use iChat in “cute” mode (pictures and bubbles), like so:

iChat's 'cute' mode

When I want to blog a conversation, I’ll switch it to “text” and “show names”, which works much better for a copy-paste into a weblog post:

iChat in text mode

However, for some reason, iChat just went all wierd on me. When I switched it into text and names mode, everything in the chat window went blank. I could see what I was typing in the text input field, and hear when messages came through by the “bloop” sound…but I couldn’t see anything!

iChat goes wonky

Thankfully, closing out the window and starting a new chat session cleared it up, but I was quite amused for a few moments there.

iTunes: “Pink Potassium” by Radioactive Goldfish from the album Rhythm and Rave (1992, 4:46).

Kinja

by

So all the buzz over the past few days (aside from whether or not Google’s e-mail service is an April Fool’s Joke or not) has been Kinja. Essentially, Kinja is yet another web-based news aggregator, this time with the stated goal of exposing more weblogs to people who aren’t already sucked into the weblog world.

Of course, I’ve signed up, added all the feeds I subscribe to (hooray for data export and import), and made my Kinja page public so that anyone can stop by and get an idea of what I’m pumping into my brain each day.

Being a long-time NetNewsWire user, I’m a bit underwhelmed…but then, Kinja wasn’t made for people like me, but rather for the “unwashed masses” who still think that USA Today and Fox News are the best places to get all of their reading material. Still, it’ll be interesting to see if this goes anywhere.

iTunes: “Open Arms” by Journey from the album Pop Music: The Modern Era 1976-1999 (1981, 3:20).

PDA stylesheet tester?

by

Is there an online resource that will display a webpage as if it were being viewed on a handheld PDA device? I’ve had a request for a handheld-friendly version of my site, but not having a PDA, I’d essentially be “coding blind”.

Any suggestions or pointers would be greatly appreciated. :)

iTunes: “Das Land Der Elefanten” by Nena from the album 99 Luftballons (1984, 3:42).

Chronological vs. Chronoillogical

by

While I won’t be swapping my post order around, Monday’s discussion on weblog post order has resulted in one small change here on Eclecticism.

Until now, I’ve had my monthly archive pages displayed in “newest to oldest” format to match the main page. This made sense at the time, but after spending a little time scrolling through and searching for specific posts, I’ve swapped the monthly archive pages around to display chronologically, with the beginning of the month at the top of the page. Far easier to browse through now, I think.

That’ll be the extent of the changes I’m making here, but in Eric’s followup post “First Order Solutions“, he proposes a possible solution that would allow for a chronological first page that would use cookies to collapse already-viewed posts to just the headline, leaving new posts expanded to be easily read. It sounds worth experimenting with, though I’m still not entirely sold.

First off, it could create a lot of unnecessary clicking if someone was searching through the page for a recently posted bit of information (expand one post, look through, close it, expand the next…or expand them all and scroll, scroll, scroll). It reminded me of something that Shelley quoted in her response to Eric’s post, from one of her posts in 2002:

A weblogger’s nightmare:

I am looking at a weblog page with a Google box to the right and a NY Times box to the left and several buttons with coffee mugs all over them that generate OPML, RSS, and various other assorted and sundry XML flavors. Within the page there is this outline with links and plus signs and you click on the plus signs and the content is expanded to show even more outlines, which can expand to even more outlines, and on and on and on.

And I see myself hunting desperately through the page knowing if I look hard enough, deep enough, I will find the truth. I will find what the weblogger has to say.

Finally, after I click enough of the little plus signs, and get rid of all these boxes that keep opening up and tell Google to shut the fuck up for just one second, I find it.

Also, just how much information will the front page hold under Eric’s scheme, and for how long will it stay? I see two possible options: either the page just keeps gathering new posts for the month (and eventually any visitor would have to scroll down through a page or two of collapsed headlines to find the recent posts), or as Chris Vincent points out, there would be the visual oddity of having older posts drop off the top of the page as new posts are added to the bottom.

Some interesting ideas, I’m just not entirely sold yet as to their practicality.

I was flattered, though, to get a compliment from Eric in his post, though…

…Michael wrote an entire post in chronoillogical format, with the paragraphs running last to first. The interesting part is that it made almost as much sense that way as forward, which is either a testament to Michael’s writing skills or else an indication that I’m wrong about the nature of writing. (Hey, why not give my critics more ammo?)

iTunes: “Where I’m From (Aural G. Ride Novox)” by Digable Planets from the album Where I’m From (1992, 4:50).

Sosumi

by

On the bright side, webloggers now have protection against libel suits:

The Ninth Circuit Court of Appeals ruled last Tuesday that Web loggers, website operators and e-mail list editors can’t be held responsible for libel for information they republish, extending crucial First Amendment protections to do-it-yourself online publishers.

Online free speech advocates praised the decision as a victory. The ruling effectively differentiates conventional news media, which can be sued relatively easily for libel, from certain forms of online communication such as moderated e-mail lists. One implication is that DIY publishers like bloggers cannot be sued as easily.

On the downside, though, the case that prompted this decision is truly bizarre, and I have to feel sorry for the woman whose case was just overturned by the ruling.

The case traces back to a North Carolina town in 1999, where handyman Robert Smith was repairing a truck owned by attorney and art collector Ellen Batzel. Smith claimed to have overheard Batzel say she was related to Nazi Gestapo head Heinrich Himmler. He said he concluded that the European paintings he saw in her home must be stolen goods, and shared this in an e-mail he sent to the editor of the Museum Security Network, an organization that publishes information about stolen art.

Without telling Smith the e-mail would be published, Ton Cremers — the sole operator of Amsterdam-based Museum Security Network — made minor edits, then posted Smith’s e-mail to a list of about 1,000 museum directors, journalists, auction houses, gallery owners and Interpol and FBI agents.

Three months later, Batzel learned of the post. She contacted Cremers to deny both the stolen art and Nazi ancestry allegations. She also said Smith’s claims were motivated by financial disputes over contracting work.

… Batzel sued Smith, Cremers and the Museum Security Network for defamation and won. Cremers appealed.

And during the hearing over Cremers’ appeal, his appeal was upheld (in part), Batzel’s suit was denied, and webloggers gained protection from libel suits. While I’m certainly happy about the decision and its ramifications for weblogs, it’s a shame that it came at such a cost for Batzel.

(via Nyxnata)

Which way do you want to go? Up? Or down?

by

Any ideas?

Eric’s put out a call for ideas for alternative formats that might both satisfy web usage habits and allow for a more temporally sensical page structure. I’m quite interested in seeing what, if anything, he comes up with, and finding out how workable any proposed solutions are (if at all).

However, I can’t really see merely swapping things around on the front page so that new posts show up at the bottom and scroll upwards, either. While it might make more chronological sense, the “most recent at the top” format is so ingrained in our heads that I think flipping the main page into true chronological order might be too confusing, disorienting, and generally more trouble than it’s worth.

I have to admit, I’m a bit lost on alternatives — in fact, the only viable alternative I can think of off the top of my head is adopting a single-post front page format (such as Marc Pilgrim uses, or as I do on WüdiVisions). My issues with this are simply that not all of my posts are long enough to give any “weight” to the front page, and when I post multiple times over the course of a day, any single post might have anywhere from a few hours to as little as a few minutes on the front page before it would disappear into the archives.

So what sort of solutions might there be out there? Right now, both my main page and my monthly archive pages are “backwards” — forwards by current web usage, but not chronologically. While I could fairly easily switch my archive pages around to display the beginning of the month at the top of the page and progress downwards (as Eric has done in his archives), that doesn’t necessarily work as well for the front page.

…our collective behavior when it comes to reading weblogs is a stunning example of an entire community adopting hugely counter-intuitive behaviors in order to conform to a received truth (that weblog entries should be ordered most to least recent). …if you read a twenty-chapter book the way you read weblogs, you’d start at the beginning of chapter 20, read it, skip back to the beginning of 19, read that, and so on until you finally worked your way back to chapter 1 and finished the book. How much sense does that make? Close to none.

I’ve noticed this myself from time to time, and admittedly, it can get quite frustrating. Not so much on normal day-to-day browsing if you’re able to keep track of any given site fairly frequently, but when playing the catch-up game after being out of the loop for a bit. Once you load a site, it’s not at all uncommon for people to refer back to previous posts, which you may have missed, so you have to backtrack to read them, then jump back to the current post…not that bad in the short-term, but aggravating after a while.

Here’s what I mean: the most-recent-first format is broken. No other form of written communication works that way, and in fact almost no form of human communication works like that. There’s a reason why. Reading a weblog is like watching Memento, which I agree was a cool movie, except all weblogs are like that so it’s as if every single movie released in the past seven or eight years was structured exactly like Memento. …If weblog entries were ordered like the weblogs themselves, this would be the next-to-last paragraph, and the one above would be below it instead.

Weblogs are “temporally broken”, according to Eric Meyer.

Okay, yes, I deliberately swapped the paragraph order around in the main part of the post. If you’d rather not try to run through the mental gymnastics of re-ordering the paragraphs, here’s the “correct” version. ;) Weblogs are “temporally broken”, according to Eric Meyer.

Here’s what I mean: the most-recent-first format is broken. No other form of written communication works that way, and in fact almost no form of human communication works like that. There’s a reason why. Reading a weblog is like watching Memento, which I agree was a cool movie, except all weblogs are like that so it’s as if every single movie released in the past seven or eight years was structured exactly like Memento. …If weblog entries were ordered like the weblogs themselves, this would be the next-to-last paragraph, and the one above would be below it instead.

I’ve noticed this myself from time to time, and admittedly, it can get quite frustrating. Not so much on normal day-to-day browsing if you’re able to keep track of any given site fairly frequently, but when playing the catch-up game after being out of the loop for a bit. Once you load a site, it’s not at all uncommon for people to refer back to previous posts, which you may have missed, so you have to backtrack to read them, then jump back to the current post…not that bad in the short-term, but aggravating after a while.

…our collective behavior when it comes to reading weblogs is a stunning example of an entire community adopting hugely counter-intuitive behaviors in order to conform to a received truth (that weblog entries should be ordered most to least recent). …if you read a twenty-chapter book the way you read weblogs, you’d start at the beginning of chapter 20, read it, skip back to the beginning of 19, read that, and so on until you finally worked your way back to chapter 1 and finished the book. How much sense does that make? Close to none.

So what sort of solutions might there be out there? Right now, both my main page and my monthly archive pages are “backwards” — forwards by current web usage, but not chronologically. While I could fairly easily switch my archive pages around to display the beginning of the month at the top of the page and progress downwards (as Eric has done in his archives), that doesn’t necessarily work as well for the front page.

I have to admit, I’m a bit lost on alternatives — in fact, the only viable alternative I can think of off the top of my head is adopting a single-post front page format (such as Marc Pilgrim uses, or as I do on WüdiVisions). My issues with this are simply that not all of my posts are long enough to give any “weight” to the front page, and when I post multiple times over the course of a day, any single post might have anywhere from a few hours to as little as a few minutes on the front page before it would disappear into the archives.

However, I can’t really see merely swapping things around on the front page so that new posts show up at the bottom and scroll upwards, either. While it might make more chronological sense, the “most recent at the top” format is so ingrained in our heads that I think flipping the main page into true chronological order might be too confusing, disorienting, and generally more trouble than it’s worth.

Eric’s put out a call for ideas for alternative formats that might both satisfy web usage habits and allow for a more temporally sensical page structure. I’m quite interested in seeing what, if anything, he comes up with, and finding out how workable any proposed solutions are (if at all).

Any ideas?