Yearly Archives: 2010

Bye Bye Meego, Hello Ubuntu Netbook Remix

0 minutes, 54 seconds

Meego, as I mentioned before, is really really cool. I was able to get all my apps installed and even managed to get my Google calendar, mail and contacts syncing by just adding it via the email client under IMAP (BTW – Meego, you should really highlight that feature!). All the apps even appeared as a native icon alongside the pre-installed ones which is a really nice touch. Alas, the lack of a working AIM client is just too much. It’s my primary IM network and it just bugged me that it didn’t work. Which is too bad, because Meego is so close to being perfect. Well, too about AIM and about sleep.

So, what to do? After reading Mr. Doctorow’s latest post, I was reminded about good ol’ Ubuntu. Sure enough, there’s a Netbook remix. Let’s give it a whirl! USB key is prepped and primed and install is imminent.

Also – I love love love (yeah, 3 times) Pendrivelinux.com!. This is a super easy way to create bootable USB drives (aka live “CDs”) of your local linux distro. The old days of some crazy fdisk silliness is gone. Now it’s just point and click. Love it.

Stay tuned for my Ubuntification!

New Love: Meego

0 minutes, 44 seconds

A bit ago I read a post about Meego 1.0 being available. I had a Acer great netbook that was suffering from a slow slow install of XP. I’d been thinking of going to Linpus, which originally shipped with the Aspire Ones. However, Meego had great live, bootable USB download which allowed me to give the whole OS a spin on my hardware. Everything just works: webcam, USB bluetooth dongle, wifi, NIC and internal SD Card.

Last night, I took the plunge and installed it over XP.

Today, I’m happy to report I’m never going back to XP on this lil’ guy. I got Dropbox, KeepassX, Synergy and sshd all working with out a lot of hassle. The boot time is insanely fast. Google Chrome is WAY faster than FF3.6 in XP. I am a very happy camper.

Go Meego today! Full disclosure – sleep looks to be broken :(

Update: It looks like AIM is broken too. That’s a real bummer because it’s my main IM network.

Broccoli, Tofu and Quinoa

0 minutes, 3 seconds

The wife busted this dish out a few nights ago. Tasty times!

Plip’s Vimeo JavaScript Embedder v.02

0 minutes, 55 seconds

OK, I just finished doing up version .02 of Plip’s Vimeo JavaScript Embedder v.02. I’d say it’s stealable, but that you’ll likely want to wait a bit for. There’s a couple of reasons:

  • It doesn’t work in IE8
  • It’s lot’s of code chunks instead of one tidy package
  • I’m not done with it

While doing research for this I found the Video for Everybody project which I love. You should definitely check it out and this may be where I try take this project:

Video for Everybody is simply a chunk of HTML code that embeds a video into a website using the HTML5 <video> element, falling back to Flash automatically, without the use of JavaScript or browser-sniffing. It therefore works in RSS readers (no JavaScript), on the iPhone / iPad (don’t support Flash) and on many, many browsers and platforms.
camendesign.com

My gut feeling is that this solution won’t work until Vimeo changes things a bit. Right now the main point of my work here is to fetch the large thumbnail which currently has to be done by JS. Using JS goes against everything Video for Everyone stands for. Still, super cool and possibly a worthy non-JS solution.

Stay tuned!

Smartphones + small screens = Phishing!

1 minute, 13 seconds

I just read internet’s famous Cory Doctorow’s very interesting post about how he got phished (!). What struck me was not his whole parasite-perfect-timing-phone-reset scenario. The take away for me was that on a small screen you can’t see the entire URL of where you’re going. I can imagine a scenario where phishers look up your friends on facetwitt, send you a “personal” note with a perfectly crafted URL to fit you iphonedroid’s browser. Your phone would hide the fact that you’re not logging into the site you think you are. Yikes!

I’m currently abstaining from all social networking sites. They’re totally awesome and fun and a great way to keep in touch with friends far and near. However, my security hackles go up too high with them, so I’ll have to be happy with my blog and its 4 readers instead of an intensely well read facebook wall (that’s what the kids call it, right?).

Phishers often depend on super popular site like twittface to spam you with a note from a service you’ll likely be using. I laugh these off because I don’t use any them. But if I was a phisher, I’d programmatically crawl the feeds to figure who your friends are and who you actively communicate with. I’d then watch out for nouns and verbs you’d expect in a message based on the vernacular your lil’ group uses, and then I’d phish you like a bunch of mom’s on their iMacs (my mom and her iMac excluded, of course!).

This post largely written on WordPress for Android in casual carpool. Fun!

How to embed Vimeo Videos: The hard way

0 minutes, 48 seconds

I’ve been chatting with my friend about how to embed Vimeo videos on his site. He was trying to figure a way to do html5 and flash and auto-detect if you’re a desktop browser or a mobile browser (or an iPad). By using JavaScript he could show the user the right video. I’ve accepted this challenge and I introduce: Plip’s Vimeo JavaScript Embedder v.01. One thing I didn’t do was scour the Vimeo forums to see if this had been done. What I did set out to do was:

  • Learn Vimeo Simple API
  • Write code some one had requested
  • Have a programming goal that I could prove could be done in just one night

Arguably, I may not have achieved the last item as I actually haven’t tested it on a mobile device yet (yeah, I’m a lazy, lazy man), but I’m pretty sure it’ll work on a WebKit device.

It should be noted, I don’t think I’m a very good JavaScript coder and this is version .01. Even so, should I add a “JavaScript” category?!

A “new” hack to WordPress at GoDaddy sites

1 minute, 50 seconds

Recently slashdot posted this:

Massive Number of GoDaddy WordPress Blogs Hacked
A nasty little exploit has hit a large number of GoDaddy-hosted WordPress blogs this weekend. The best part is that the exploit only executes when the traffic is referred by Google, making it the sort of thing that site maintainers won’t easily notice. Clever and devious.
Slashdot

Immediately, with out reading any more of the sources for the article I had my suspicions that this was nothing new. The part where they say “only executes when referred by Google” (or refered [sic] :) is what tipped me. This was an old hack for old version of WordPress, topics I’ve written about before.

Digging deeper and looking at the source article, I see that that an enterprising hacker has gone the extra step of trying to turn your computer into a virus filled bot computer (or some other nefarious sounding term). The write up, with breaking news current as of today, is over at wpsecuritylock.com. The break down of the virus payload and sources was then attempted over at some dude name Dancho Denchoev’s blog. Dancho’s write up looks good, but use of “emerging threatscape” in is bio doesn’t look so good.

My take on all this is going to sound familiar: you must be vigilant about keeping your software up to date. I suspect that a lot of the GoDaddy customers feel they really got the shaft. Most likely these WordPress installs were all copies of the same older WordPress installed via a control panel for a domain that said “Set up a blog in 1 click!”. This is a great use of an open source project and WordPress is a really good candidate to be the one click code base for a blog. However, the end user at GoDaddy probably knows more about their flower pots or farmers market they blogged about, than about how to upgrade their blog. I’m not entirely sure it should have fallen to GoDaddy to keep up to date, but enabling easy updates (it’s built in since…um WP 2.8?) via SFTP and really extra for reals making sure folks upgrade would have gone a long way. Further, there’s all kinds of ways you can harden WordPress. You don’t want to be Network Solutions with their big hack (nor suffering the wrath of a WordPress author!).

Speaking of WordPress authors, you should check out their Codex entry on the Hardening WordPress. It’s a good, holistic approach at security.

Will the real 404 please stand up?

0 minutes, 46 seconds

One of the laptops in the house died recently. The svelte new Dell Latitude 13 showed up as its replacement, and it’s great. However, it’s running a factory set up version of IE8. I don’t use IE8, opting for the fox (for debugging) or the goog (for speed) instead, but I noticed that the totally awesome plip 404 page was being usurped in IE8. This will not stand! Just as I will not have my ISP taking over DNS for domains that don’t resolve, I will not have my browser decide what a 404 page should look like.

At first I found some sites that suggested a different header or that you could make your 404 page more than 512 bytes. While this will work, and will work every *every* user, I was curious about a client side setting. Enter “show friendly http error message” check box:

Just uncheck that guy in your IE settings and welcome back fugly plip 404 messages. Interesting enough, there’s all kinds of wackiness in Microsoft land about this. Read on if you care!

True Cost

3 minutes, 34 seconds

When we consume products in the US, what is the true cost? Most folks would think it’s simply the dollars they shell out of their wallet for the item they just purchased. If it’s just a monetary exchange, then price is king and entirely defines an item’s true cost. You should always pay the lowest amount possible for the highest quality goods.

To that end, Amazon’s native Android app is pretty great. Say you’re in your local widget shop, just down the street and they have Model A Widgets for $59.99. Whip out your phone, scan the bar code and BEEP, you see Amazon has it for $39.99. What’s that? It’s on Amazon Prime too? Sign me up! I get it 2 day shipping and tax free!

What if you’re looking for an audio cable. You could make one out of the spare parts bucket you’ve got in your garage, or you could get shiny new one online for $75.00. But whats this? It’s marked down to $4.72? Well, that’s over a 90% discount, sign me up for that deal too!

What about food? Should I pay triple for an Avocado because it has the “Organic” label on it? No way jose! The ones in the bin right next to it are cheaper and bigger to boot.

If you know me, you know this is not what I believe. I believe that the true cost of that widget includes not only the revenue you deprive your local shop of, but the neighborhood’s loss when it’s full of big box stores. I once was told by a fake cop I couldn’t park my bicycle in front the big box store I was trying to patronize because it wasn’t allowed. See, the entire box store mall setup was on private property, so they could set arbitrary rules that made no sense and then kick you off their property if you ride a bike and park it “funny”. Yes, a bit of a rant, I know, but I consider that the true cost of keeping your local shops in business.

The food has the same true cost. We should ensure our local farmers can make a living wage off the food they sell. Further, we should not by crap that will so pumped full of craziness, including preservatives that last forever. Eating this deprives us of healthy bodies which in turn cost the health care system money to fix.

Sadly, this post has a hypocritical end. I bought the cable. It came two days latter to my office. I suspect there’s some little boy in a sweat shop who doesn’t like me. I could have pulled out my soldering iron, found the scrap cable parts in my wires bucket and pieced together the cable I need. But nope, I just clicked “buy” instead.

Any one know of a good place online to by this sort of item and pay the true cost for it?

Update: One of our fine (few?) readers wrote in:

Interesting post. Here is an article, though a few years old now, that I may have alluded to in the past: Food That Travels Well

It doesn’t address electronics, but food. The main point being that distance itself isn’t the only variable in the “true cost” of something equation, at least environmentally.

Good point! Looking at the true cost inherently means you open the cost equation wider and wider, thus covering more and more factors. In this case, the fact that farmers can’t graze their sheep and are forced to use feed bumps up the net pollution for equation.

This should give us pause to know more about what we consume and what resources that consumption demands. A good, but admittedly hard to find, solution is something like Polyface farms as featured in Michael Pollan’s Botany of Desire. What’s hard to find here is the solution to the massive equation to figure the true cost of eating a good steak. In general, we, as lazy consumers, don’t want to be on the line for counting every carbon footprint, health care cost, and increase in child slavery. Instead, we want a simple, “If I do A, B will happen” type of solution. It doesn’t exist.

Here’s another tip of an iceberg along the lines, of “just do A…”:

The geophysicists Gidon Eschel and Pamela Martin have estimated that if every American reduced meat consumption by just 20%, the greenhouse gas savings would be the same as if we all switched from a normal sedan to a hybrid Prius – Meat: Making Global Warming Worse

There’s a great exhibit at the Academy of Science that explores this fact and demonstrates it in a way that even a 10 year old can grok.

More food for thought, indeed! Also, I very thoroughly checked the “Rambling” category in this update too ;)