Tech

Tech-focused ramblings. Computers, blogs, and whatever else fits.

RSS feeds updated

by

I’ve updated, rearranged, and cleaned up the RSS feeds for Eclecticism. Hopefully I haven’t just screwed things up too horribly for those of you who subscribe to one feed or another.

Until tonight, the default RSS feed was the ‘full posts plus comments’ feed. This may have been a bad choice, as the default feed is the most likely to be subscribed to by the casual user, and they may not want to automatically get an update every time someone replies to something I’ve posted. Because of this, I’ve swapped the ‘full posts’ and the ‘full posts plus comments’ feeds around.

I’ve also added a fourth RSS feed that is only recent comments. This can come in handy for following discussions on a particular posts, especially after it ages enough that it’s no longer included in any of the primary RSS feeds.

All of the feeds have received some slight tweaks to improve readability, including line and paragraph breaks for comments in the ‘full posts plus comments’ feed (I’m not sure why I had those turned off in the first place), more legible separation of comments in the ‘full posts plus comments’ feed, and more descriptive titles for each of the feeds (‘eclecticism: Excerpts’ and ‘eclecticism: Comments’, for example, rather than four feeds each simply titled ‘eclecticism’).

The feeds page has been updated to reflect the changes and additions, and has also had subscription information for LiveJournal users added.

iTunes: “Temporary Phase” by Sausage from the album Riddles are Abound Tonight (1994, 5:59).

New category, design tweaks

by

Following up on my thought process, I’ve added a 15Minutes archive category that collects all posts related to my experiences with blogging my way out of a job.

I’ve also made some other slight design tweaks. I’m now including a list of categories for each post in the metadata on the front page between the post date and the comment/trackback links, and I’ve linked the post date on individual archives to the monthly archive pages.

Nothing really major, but I’ve found myself wishing I had these at various times in the past, and finally decided to implement them.

iTunes: “Somebody Screams” by Galaxy 2 from the album Techno-Trax Vol. 2 (1991, 5:51).

411 Length Required

by

Every time you click on a link and your web browser requests a resource (page, image, video or music file, or any other possible link destination) from a web server, there is a certain amount of information passed back and forth between the server and the browser as the transmission is started. One of those pieces of information is the HTTP Status Code.

If everything is working correctly, the status code sent from the server to the browser is ‘200 OK’, after which the requested information begins to be transmitted. If something doesn’t work for one reason or another, there are various possible responses, the most infamous of which is ‘404 Not Found’, returned when the requested resource doesn’t exist on the server anymore.

Recently, ThinkGeek started selling HTTPanties — a set of panties with either ‘200 OK’ or ‘403 Forbidden’ emblazoned across the front. Cute idea.

CodePoetry decided this wasn’t enough, though…

Nothing says lovin’ like 200 OK I suppose. Of course, beyond that and 403 Forbidden lie a whole world of wonderful responses that would be useful at times…

  • 300 Multiple Choices for the creative.
  • 301 Moved Permanently for the formerly-masculine.
  • 305 Use Proxy for the adventurer.
  • 307 Temporary Redirect for various reasons.
  • 401 Unauthorized for the stranger.
  • 402 Payment Required for … yeah.
  • 404 Not Found for the unfortunate.
  • 405 Method Not Allowed — I’m not going there.
  • 406 Not Acceptable explains itself.
  • 407 Proxy Authentication Required for the underage.
  • 408 Request Timeout for the extended foreplay.
  • 409 Conflict for the tired. (“The request could not be completed due to a conflict with the current state of the resource.”)
  • 410 Gone — Not going there.
  • 411 Length Required describes itself nicely.
  • 413 Request Entity Too Large does the same.
  • 415 Unsupported Media Type will not be discussed.
  • 416 Requested Range Not Satisfiable suffers a similar fate.
  • 417 Expectation Failed — this is getting bad, quick.
  • 502 Service Temporarily Overloaded for those that didn’t leave 3-way to the phone companies.
  • 503 Service Unavailable for the married and boring.

Works for me!

iTunes: “Snakes” by Voltaire from the album Devil’s Bris, The (1998, 4:10).

iSight issues

by

Mike recently posted about some of the pros and cons to being the owner of an iSight — pros including the simple fact that the iSight is simply a damn good camera; cons including the Mac-only nature of iChat and the somewhat less-than-satisfactory mounting options that come stock out of the box.

Cross-platform video conferencing may be coming down the pike (we hope) with a future release of AIM on the Windows and Mac platforms, as Apple has a pre-existing partnership with AIM (iChat ties into the AIM network, allowing both iChat and AIM users to IM each other). Nobody seems to know for certain if or when this may happen, but we’re keeping our fingers crossed. As far as mounting options go, Mike pointed to the SightFlex, which looks perfect, and is getting added to my birthday wish list.

I’ve noticed some other cons to the iSight, chiefly being that as of late, it’s been notoriously instable, appearing and disappearing from my system more or less at random, and at times apparently interfering with the mounting of my iPod. Apparently I’m not the only person being bit by this bug, but on the bright side, there are a few possible solutions mentioned recently on MacFixIt, including simply remembering to turn the iSight off (twist the front of the camera to close its iris) when it’s not in use. I’ll give that a shot for a while, and see if it helps.

iTunes: “Chicken In A Biscuit” by Black Happy from the album Peghead (1993, 2:55).

Blogger Code

by

Last post for the night, then I’ve got to get to bed. I just wanted to toss up my blogger code:

B9 d+ t+ k+ s u f+ i o x+ e+ l c– (Decode my blogger code)

I did (kind of) cheat on one answer, though, I must admit. For the Technical Quotient (the ‘t+‘ mark), I had to choose between two possible answers:

  • I manage my blog with Greymatter, Movable Type, or other management system running on my own web host. [t+]
  • I use Blogger, BigBlogTool, or similar service to update ablogspot, Geocities, or other hosted site; or I use diaryland,livejournal, or another service with built-in updating and content management. [t-]

Technically, t- is the more correct answer, as Eclecticism is hosted and powered by TypePad, a hosted service with definite similarities to those listed. However, as TypePad is based on MovableType and I use heavily-modified templates that take advantage of many of the MT-specific tags; as I’ve used (and paid for) MovableType on earlier versions of this weblog; and as I currently have MovableType installed and running on a server here in my apartment hosting both my dad’s weblog and my friend Kirsten’s weblog (each on their own domain name), I figured I could get away with claiming the more technically-proficient t+ rating.

Other than that, it’s all entirely accurate.

(via Snowblink)

iTunes: “Zigular” by Poems for Laila from the album Another Poem for the 20th Century (1989, 3:30).

Weblog Review

by

From a suggestion by Doc on the TypePad User Group, I’m submitting my site to The Weblog Review. I have no idea how long it will take them to get around to me, but in the meantime, I’ll just hope that they have nice things to say.

I like ego-stroking. ;)

Update: Nevermind. They’re not accepting site submissions unless you pay them. I don’t need ego-stroking that much.

iTunes: “Strawberry Fields Forever (Raspberry Ripple)” by Candyflip from the album Madstock…the Continuing Adventures of Bubblecar Fish (1990, 5:54).

Microsoft vs. the web

by

One of the standards that has been part of web browsing for years is a method of including a username and password in a hypertext link, in order to facilitate being able to conveniently logging into a protected site. For instance, were my site password-protected, one could add username:password@ to the beginning of the web address, creating a link that looked like http://username:password@www.michaelhanscom.com/ in order to log in with a single click.

The downside to this is that because that information is optional and not always used, a web browser ignores any characters up to and including the ‘@’ symbol if they are included in a link, as they are not part of the address being requested. The target webserver will also ignore those characters if it is not configured to require login information to access its hosted web pages.

This has led to one of the more common forms of ‘link spoofing’ — I’ve seen it myself in hoax e-mails purporting to be from PayPal. The perpetrator will create a false page on a webserver they control that appears to be a page on PayPal’s site that asks for the victims credit card information. They will then create an e-mail also formatted to appear as if it came from PayPal, asking the victim to log in and verify their information. When they give a URL to click, it will look something like http://www.paypal.com@12.345.67.890/verify.html — which to many people, appears to go to PayPal’s site. However, because the browser is ignoring the ‘@’ and everything before it, the browser is actually pulling a page from the IP address 12.345.67.890 and not from PayPal, and any credit card information they enter into that page will go not to PayPal, but to some anonymous criminal taking advantage of people’s ignorance of how the web works to collect useable credit card numbers.

Making the matter worse, versions of Internet Explorer prior to 6.0 (Service Pack 1) on the PC had a bug where if a (false) web address was included in a link before the @ symbol, that address would display in the browser’s address field rather than the address of the site actually being visited. In other words, in the above example, the user would see http://www.paypal.com/ in their web browser address field rather than http://12.345.67.890/. This bug has been fixed in IE 6.0sp1, but far too many people have yet to upgrade.

Microsoft, in their infinite wisdom, has decided that enough is enough, and are taking steps to combat this type of hoax. How are they doing this? Not by attempting to educate their customers in any way, releasing a patch for other versions of IE to fix the bug, or by adding a simple ‘This type of URL may be dangerous’ warning dialog when links formatted this way are clicked (something that I think would be fairly easy to add — just scan the link to see whether or not it follows the username:password format before the @ symbol; if it doesn’t, pop up an alert box). No, instead of any of those options, they’re breaking the long-standing standard.

To mitigate the issues that are discussed in the “Background information” section of this article, Microsoft plans to release a software update that removes support for handling URLs of this form in Internet Explorer and Windows Explorer. After you install this software update, Windows Explorer and Internet Explorer do not open HTTP or HTTPS sites by using a URL that includes user information. By default, if user information is included in an HTTP or an HTTPS URL, a Web page with the following title appears: Invalid syntax error

Great idea, guys.

Update: According to CodePoetry, it appears that Microsoft may actually be following standards, and the use of usernames and passwords in URLs is officially discouraged. If that’s the case, then…well, that’s that. I guess it’s not such a bad thing after all (if a little inconvenient in some instances).

And here’s another goodie: there are a few other various ways that malicious people can craft, hide, and spoof URLs that take advantage of bugs in various versions of IE so that the URL displayed in IE’s address bar is not the URL of the site actually being visited. Microsoft has issued a tech note explaining that the most effective way to be sure that you are visiting the sites you really want to visit is to simply type the address into IE’s address bar manually.

So, to be absolutely sure that you are visiting the two Microsoft Support documents that I’ve linked above, please do not click on the links. Instead, move your cursor into IE’s address bar, click and select the displayed address, hit ‘Backspace’ to erase that, and type the following two URLs manually into the address bar:

  1. http://support.microsoft.com/default.aspx?scid=kb;%5bLN%5d;834489
  2. http://support.microsoft.com/default.aspx?scid=kb;[ln];833786

No typos now!

There. Don’t you feel better, safer, and more secure now?

I know I do. But then, I haven’t used Internet Explorer in ages.

(via codepoetry and Mark Pilgrim)

iTunes: “Vinegar and Salt” by Hooverphonic from the album Magnificent Tree, The (2000, 3:20).

Blasphemy

by

I’m probably the last Mac blogger to mention this, but I just couldn’t let it pass by. There are special circles of Hell reserved for people who do this

[Update: Turns out that it’s a hoax. The page on Overclockers.com has been updated with an e-mail from the person behind this explaining that they got an empty G5 shell and decided to have some fun. Whew! Nice troll. ;)]{.underline}

I got a shiny new Apple G5 for Christmas. I loved the case, but I’m no Mac user. So I….

  • Get a brand new dual processor G5, then
  • Rip out everything,
  • Cut out the back of the case so I can use a PC motherboard, and
  • Install an Athlon motherboard.

Don’t get me wrong, I’m sure G5 is a great computer, but I wanted a Dell for Christmas. I don’t have any programs for Apple and didn’t feel like waiting for them. I thought about selling it, but my parents would be upset with me. After all, this was a very expensive gift and it meant a lot to them to give to me.

It’s a good thing my parents don’t know anything about computers, because I’m sure they would be really angry if they knew what I did. I have to say that I’m happy – I can keep on using XP.

![The monstrosity]

[The monstrosity]: https://michaelhans.com/eclecticism/2004/01/graphics/G5_wreck_1.jpg {width=”363″ height=”143″}

(via lots of people, but the picture was shamelessly ganked from Lane)

iTunes: “Let Your Body Die (Television Overdose Overdosed)” by Cyber-Tec from the album Cyber-Tec (1995, 6:29).

Orkut

by

Much of the buzz this past week that I utterly and completely ignored has been about Orkut, Google‘s entry into the social networking trend. As with the rest, you sign up, invite friends, link to other friends, and so on. I’ve never been too hot about these things — they seem kind of silly, reducing friendships and acquaintances to the level of Pokemon characters (collect the whole set!).

Still, I’m not entirely averse to giving it shot, especially when I get two invitations to join on one day (from both Mike and Jonas), so I figured I’d at least sign up and poke around for a bit (if you’re on Orkut, here’s my profile). I signed up, filled out a good chunk of the profile information, joined a few communities, and added a few friends. Amusingly enough, of the four friends I have listed, I’ve met exactly one of them in the real world (Jon, who interviewed me for the [MSNBC story] about the Microsoft fracas), which is one of the reasons I’ve always been amused by these types of websites — just what, exactly, is the criteria for “friend”? Myself, I’d kind of like it if there were levels or categories of friends (online friends, real life friends, close friends, acquaintances, friends I’d jump in bed with if given half a chance, etc.), but that’s something I’ve yet to see in one of these.

[MSNBC story]: http://msnbc.msn.com/id/3341689/ “Blogger dismissed
from Microsoft”
At the moment, with four friends listed, I’m connected in some way to 5,298 people. I have no idea what that means, really (how far do these connections go? Two degrees? Six? Twelve? Infinite?), but that’s what it tells me.

I experimented a bit with the communities feature by creating one for TypePad users. Amusingly enough, after a run to the bank to get my account back in the black, when I got home I found that there were now two more members for that community — none other than Ben and Mena. Rather nifty, that.

Now, of course, the question becomes whether or not I’ll ever remember to check in on this whole thing. I was invited into and signed up for Friendster a while back, and as yet, I believe I’ve checked up on my account there all of four or five times. Now, of course, I can’t even log in, as I’ve apparently managed to forget my login information, and can’t find a confirmation e-mail saved on my computer. Ah, well. So it goes.

iTunes: “Space Shanty” by Leftfield from the album Leftism (1995, 7:15).