Mozilla HTTP_REFERER bug

Daily News – MozillaZine! Your Source for Mozilla News and Advocacy

Yesterday, ZDNet UK News reported that Mozilla has a privacy flaw involving HTTP referers. The flaw can be exploited using the onUnload JavaScript handler, which is triggered when a visitor leaves a page (for example, by clicking a link or using a bookmark). The problem is that the referer Mozilla sends is the URL of the page that the visitor is going to, not the page that he or she is exiting. This means that a site can discover where you are heading when you leave.

The security bug is present in the latest versions of Mozilla (including 1.0.1, 1.1 and 1.2 Alpha) as well as some Mozilla-based browsers, such as Netscape 6.x, Netscape 7.0, Galeon 1.2.x and Chimera 0.5. At the time of writing, no fix is available. A workaround is to disable JavaScript (Edit > Preferences > Advanced > Scripts & Plugins).

There is supposedly a fix for this, according to Slashdot, but the page you need to see is suffering from the Slashdot Effect.

marklar lives?

If there was any doubt that OS X runs on other hardware, why would StartupItems need to check for the hardware it’s running on?


ARCH=$(uname -p)

SetBootCommand()
{
    local BootCommand="$*"

    if [ "$ARCH" = "powerpc" ]; then
        # BootArgsVar is not defined in this excerpt; the full script sets it
        if nvram "${BootArgsVar}"="${BootCommand}"; then
            shutdown -r now
        else
            echo "Warning: Failed to set boot-command"
            echo "Warning: Continuing startup"
        fi
    fi
}

uname -p returns “powerpc” on my OS X machine: on a FreeBSD system, it returns “i386.”

Yes, I know Darwin runs on x86 hardware. The check only seems to appear in the SystemTuning bundle, which seems to deal with OS X Server-specific applications (QuickTime Streaming Server, for example).

looks like my samba on OS X stuff was useful

[/Users/paul]:: fink info samba
Reading package info…

Information about 1457 packages read in 181 seconds.

pkg samba version ###
pkg samba version 2.2.5-1

samba-2.2.5-1: SMB and CIFS client and server for UNIX
.
Usage Notes:
Samba settings are set in the configuration file ‘smb.conf’. A sample
file called ‘smb.conf.default’ is installed in yourfinkdirectory/etc/samba.
Also refer to the documentation installed in yourfinkdirectory/share/doc/
samba and yourfinkdirectory/share/samba/examples.
To create a startup item that starts samba after reboot just run as root
“daemonic enable samba”. To remove the samba startup item just run as root
“daemonic remove samba”.
For a set of quickstart instructions for setting up Samba under OSX
checkout /movabletype/archives/000249.html#000249
thanks to Paul Beard.
.
Web site: http://www.samba.org
.
Maintainer: Matt Stephenson

I wonder if I shouldn’t find a more permanent place for that stuff. I haven’t yet figured out why Apple’s installation doesn’t work. I suspect it has a lot to do with the fact there is an entry for SMBSERVER in /etc/hostconfig but no matching StartUpItems bundle. How did that slip through the cracks?

another Jaguar gotcha

It’s nice that Jaguar includes Samba support, but if you already had it installed (via fink, for example), Jaguar seems to stop any but the official Samba release from running.

As noted here, I added a line in /etc/hostconfig to enable the samba daemons to start at boot time. For whatever reason, the fink-managed versions don’t run, and since Apple calls it SMBSERVER instead of SAMBA and its start value defaults to NO, samba just mysteriously stopped working.

SAMBA=-YES-
CUPS=-YES-
DNSSERVER=-NO-
IPV6=-YES-
SMBSERVER=-NO-

So I could change the SMBSERVER value to YES but I don’t see a StartupItem bundle for it. And why does the version I had installed and working no longer work?
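The mismatch suspected above (a flag in /etc/hostconfig with no StartupItems bundle that reads it) can be checked for every key, not just SMBSERVER. This is an added example, not code from the post or from Apple; it assumes StartupItems scripts consult their flag with the usual "${KEY:=-NO-}" test, and it builds a constructed hostconfig and bundle tree in a temp directory so it runs anywhere.

```shell
# Added example, not from the post: list /etc/hostconfig keys that no
# StartupItems script reads. A key like SMBSERVER=-NO- with no script
# that tests "${SMBSERVER:=-NO-}" is a flag nothing will act on.
make_fixture() {
  w=$(mktemp -d)
  cat > "$w/hostconfig" <<'EOF'
SAMBA=-YES-
CUPS=-YES-
DNSSERVER=-NO-
IPV6=-YES-
SMBSERVER=-NO-
EOF
  mkdir -p "$w/StartupItems/Samba" "$w/StartupItems/Cups"
  # Constructed stand-ins for bundle scripts (fink's Samba item, Cups).
  cat > "$w/StartupItems/Samba/Samba" <<'EOF'
if [ "${SAMBA:=-NO-}" = "-YES-" ]; then echo starting samba; fi
EOF
  cat > "$w/StartupItems/Cups/Cups" <<'EOF'
if [ "${CUPS:=-NO-}" = "-YES-" ]; then echo starting cups; fi
EOF
  printf '%s\n' "$w"
}

# KEY names from a hostconfig file (KEY=-YES-/-NO- lines; comments skipped).
hostconfig_keys() {
  sed -n 's/^\([A-Z0-9_][A-Z0-9_]*\)=.*/\1/p' "$1"
}

# Print each bundle whose scripts reference $KEY or ${KEY...}; fail if none.
referencing_bundle() {
  key=$1; items=$2; found=1
  for d in "$items"/*/; do
    if grep -q -E '\$\{?'"$key"'([^A-Z0-9_]|$)' "$d"* 2>/dev/null; then
      basename "$d"; found=0
    fi
  done
  return $found
}

# Keys set in hostconfig that no StartupItems script consults, space-separated.
unreferenced_keys() {
  cfg=$1; items=$2; out=""
  for key in $(hostconfig_keys "$cfg"); do
    referencing_bundle "$key" "$items" >/dev/null || out="$out $key"
  done
  printf '%s\n' "${out# }"
}
```

On a real system, call unreferenced_keys /etc/hostconfig /System/Library/StartupItems (and /Library/StartupItems for third-party bundles) to see which flags are orphaned.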

school uniforms create discipline problems??

Plaid’s Out, Again, as Schools Give Up Requiring Uniforms

This is a simple case of parents and kids not buying into the program. Or more to the point, it’s the old pattern of affluent suburban parents thinking they don’t need to follow the same rules as everyone else and being unwilling or unable to tell their kids “no” when it comes to simple behavior rules.

“But I think uniforms have peaked for now. If there are a couple of school shootings tomorrow, we may see it again. But my sense is that right now people are focused on larger issues.”

What’s a larger issue than safety or community or basic civics/citizenship? And why will it take school shootings to bring that back into focus?

Gee, you mean it’s not legal to do this?

A Simple Click Stirs a Lot of Outrage

The State Department site, it turns out, had been providing a link to a Web site run by the Republican National Committee despite federal laws prohibiting government resources from being used for partisan purposes.

Accident by unknowing staff (funny how every organization keeps a couple of these folks around) or wilful flouting of the law? You make the call.

well, what else would you expect?

America Online Is Making More Changes at the Top

Jordan Rohan, an analyst with SoundView Technologies, said, “This company is becoming more and more like Time Warner and less like AOL.”

It seemed likely this would happen: TWX is much bigger than AOL and predates dialup information services by decades, with operations in many industries and regions of the globe. It didn’t seem likely that AOL’s young khaki and golf shirt culture would win out over TWX’s more seasoned suits, especially as they were outnumbered. Maybe now the value of the merged company will reflect the strengths of the Time Warner assets, rather than what AOL brought to the marriage.

deep fried Snickers bar, anyone?

One of the staples of the school lunchbox has splashed into the frying vat as the newest must-eat addition to the Puyallup Fair’s food lineup: deep-fried Twinkies.

Of course, this is not a new idea: the deep-fried Mars Bar is Scotland’s National Dish.

This sort of food is the reason why Scotland has the highest heart attack per person ratio of any country in Europe.

It may not be a new idea, but it’s disgusting.

Dr David Edgar Villanueva’s words immortalized

Google Search: It is necessary to stress that there is no position more anti-competitive than that of the big software producers, which frequently abuse their dominant position, since in innumerable cases they propose as a solution to problems raised by users: ‘Update your software to the new version’ (at the user’s expense naturally);

Found that someone had used an entire paragraph as a search query in Google: of course, Google limits queries to 10 words and drops common stop words (prepositions, conjunctions). Still, that text has been cited many places.