July 2010
5 posts
Lego Mindstorm Codecs Added to ffmpeg →
Open source is so awesome. So are nerds.
Demo of Scary Vulnerability Using Safari Autofill →
Brilliant + terrifying.
Visit the above link in Safari. It’s just a demo of the vulnerability; nothing bad will happen.
Two fantastic tidbits from Ars on the recent zero-day Windows exploit that takes advantage of a flaw in Windows shortcuts.
The best option for mitigating the flaw is to disable Windows’ ability to show shortcuts’ icons. However, this mitigation comes at some cost; it removes all the icons from the Start menu, for example, which is sure to be detrimental to usability.
and
...
June 2010
1 post
No really, Fluid is open source →
This is awesome. Todd Ditchendorf open-sourced Fluid.app on GitHub. So what are you waiting for?
April 2010
2 posts
New in Campfire: Drag and drop uploading →
Yes!
March 2010
6 posts
OS X Geek Tip of the Day
When OS X Disk Utility tells you that your disk has “issues” and you must boot up from a system disk and run Disk Utility again, you can simply boot in single-user mode by holding down command-S during bootup and run `fsck -fy` at the command prompt. It does the same thing.
Now there’s no need to (a) look for your OS X install disk or (b) wait the 10 minutes for your system to...
Never mind that real businesses track all of their data in SQL databases that...
– You said it, Ted Dziuba!
Did you know that you can specify an IP address in your browser using a base other than base 10? For example, the following are all equivalent representations of 66.102.13.99 (one of Google’s IPs):
http://0x42.0x66.0x0d.0x63
http://0x42660d63
http://1113984355
http://00000102.00000146.00000015.00000143
From a post on Viruslist:
Now, by itself, this isn’t terribly interesting from a...
Too many tables; MySQL can only use 61 tables in a join
– AKA You’re Doing it Wrong
Huge CSV Data Exports in Rails
I’m a strong believer in data portability for software as a service applications. As a consumer, I never want to use a service that won’t let me get my data out. And as a provider, I’d much prefer to compete on features, quality, customer service, etc. than on locking in customers. Additionally, it takes a lot of hubris to assume that your application can provide all the...
February 2010
1 post
Admit It, Microsoft: You Suck at the Web – GigaOM →
Let’s see… 60% of the browser market, one of the top 3 most visited web sites, one of the top 3 search engines, and $40B in cash…
I would hate to see what things would look like if they were just “pretty good at the web.”
January 2010
14 posts
Pratik has a very thorough and well-written post about the upcoming changes to the ActiveRecord finder methods in Rails 3.1 and 3.2.
Specifically, the current options parameter is going to be removed in favor of method chaining.
For example,
Car.all(:conditions=>{:color=>'black'}, :order=>'cars.price DESC', :limit=>10)
will be replaced by:
Car.where(:color =>...
Speaking Schedule: Jan 19th @ Pivotal Labs in NYC
I’ll be speaking this Tuesday at Pivotal’s NYC office about architecting successful software platforms that are heavily reliant on (inherently unreliable) 3rd party web services and services in the cloud.
Here’s the abstract:
Beyond the Hype: What it Really Takes to Build a Technology Business on the Cloud
After the marketing and sales people leave the room, what does it really...
100% of all Browser Certificate Warnings are from...
This is just another interesting tidbit from the podcast this morning:
Setting up SSL properly is really hard and letting an SSL certificate accidentally expire is really easy. I think every web developer ever has had a problem with SSL at some point in their career.
On the other hand, malicious web sites work very hard to make sure they look legit. Either they don’t use SSL at all, or...
Embarrassing Server Log of the Day
2010-01-12 15:44:50 Completed in 500545ms (View: 367097, DB: 133140) | 200 OK
Explaining URLs is Surprisingly Hard
I listened to a moderately interesting Security Now episode from a couple weeks ago. The topic was explaining security best practices to non-techno people. Specifically, can you tell if a URL is safe to click on? Turns out parsing URLs is a surprisingly hard problem that nerds completely take for granted.
Try explaining the following rules about clicking links to your grandma:
www.paypal.com...
Dr Nic’s Syntax Highlighting in Tumblr →
A hosted style sheet for adding syntax highlighting for a number of different languages to your Tumblelog. Thanks, Dr. Nic!
Skip ActiveRecord Callbacks
Just a simple little Rails tip to end the week. Nothing new here, but a nice snippet of code to remember and keep in your toolbox.
Let’s say you have an Address model. Every time you update an address, you want it geocoded. So you add an after_save :geocode callback. Now let’s say you want to standardize all state names to 2 letter uppercase abbreviations. We want to go back and...
Dive Into HTML5 →
HTML5 is coming. Do you know what’s in store? This is the online version of Mark Pilgrim’s upcoming book. It will be published by O’Reilly but remain online under a Creative Commons license. So far his chapters on canvas, video, and forms are available online.
Increase the number of file descriptors on Centos...
Raising the number of file descriptors for a regular user on CentOS/Fedora/Redhat is surprisingly difficult to learn how to do. There are lots of incomplete walkthroughs on the web, some with typos and other problems.
Here are the steps that worked for me to raise the open file descriptor limit from 1024 (the default) to 65535:
1. As root, edit /etc/sysctl.conf and add the line:
fs.file-max =...
ActiveRecord without_timestamps
ActiveRecord’s automatically updating created_at and updated_at timestamps are certainly a great feature. Every once in a while though they can bite you in the butt.
For example, let’s say you have a query that finds all the recently updated blog posts:
Post.all :order=>'updated_at DESC', :limit=>5
That code works great and has been in production for a long time. Then one day...
Skip DNS Lookups for a More Reliable MySQL
By default, the MySQL grants table can authenticate users based on IP address or hostname. When a client connects from a particular host, MySQL does a reverse DNS lookup and compares the hostname and IP address.
This is normally pretty fast and makes setting up your grants table easier: you can allow anyone within your domain to connect, for example. And it adds a layer of abstraction between...
Happy #{Time.now.strftime('%Y')}!
Here’s a little programming tip I picked up a while back: it’s embarrassing when one of your web sites still reads “Copyright 2007” as the clock turns to 2010. But who has time to remember every footer on every site where they added a copyright notice?
The trick is to replace the hardcoded year with a snippet of text that evaluates the current year. Now all your sites will...