Gosport and Portsmouth

Gosport and Portsmouth have gone hi-res in Google Earth. The satellite images look fairly recent – the Tricorn Centre has gone and the Spinnaker Tower looks largely complete. You can also make out the naval base in a lot more detail (!) and follow the old railway line from Fareham to Gosport.

The maps haven’t been updated in Google Maps (the web version) but it’s only a matter of time…

 

November

After whetting my appetite last year with my first trip abroad, I’m now looking for more excuses to travel. The real biggie comes in November, when I will be travelling with a friend to New York, Philadelphia and Chicago over 11 days. After that, I’m hoping to go to Cork for three days between November and December, and will hopefully be hopping over to France or Belgium to get some Christmas-y goodies.

And why not, eh? Life’s too short to work all the time and after six years of pretty-much non-stop working I deserve some kind of holiday.

Canon EOS 350D

I’m particularly keen to get more into photography. The Canon A80 has served me well, but it’s time to move onto something a bit more ‘professional’. Little things that I would’ve been blissfully unaware of in my ignorance are now starting to bother me. Slow auto-focus. Sensitivity to noise. Limiting aperture and shutter speed are all bothering me as I test the camera in more adventurous ways. So, I’m now looking to upgrade. The Canon EOS 350D is prime candidate, and I’m already pretty much sold on it. I’ve found a nice local supplier (would prefer this to buying online), and next week I’ll check it out. Hopefully I can finally make good use of that Flickr account that lies fairly dormant at the moment.

In the meantime, I’m preparing for America. Tickets are booked and passports at the ready. It should be a good month.

Movie roundup

Been to see a few movies lately – here’s a two minute summary (scores are out of 100)

Revolver – Guy Ritchie’s latest movie. A potentially interesting storyline pissed all over in the last half hour. 65

A Very Long Engagement – French movie from director Jean Pierre Jeunet, a follow-on from Amélie (one of my all-time favourite movies). It’s not a sequel, but Audrey Tautou and other familiar faces reappear in this flick. Not as good as Amélie, but still well worth watching. I enjoyed it. 75

Pride & Prejudice – I’ve read the book, but didn’t see the Colin Firth BBC series. Well enough played by the actors, but the camerawork is a bit distracting at times. If you’re a bloke, take a girl with you. This is basically a chick flick (although I want to see the TV series now) 80

Dukes of Hazzard – I was expecting this to be silly and rubbish. It turned out to be silly and rather good. Thoroughly enjoyed it, and the casting was perfect… 85

Still to see,
Serenity – TV series was ace
A Scanner Darkly – strange enough to be interesting

 

Personalised Homepages

Memeflow Goto is an AJAX-based service that allows you to build your own homepage. It’s a little bit cluttered in my view (why see URL, title, X and # on every single item – it’s so visually dense) but still promising.

There seems to be an appetite for this homepage stuff, and Microsoft, Google and Yahoo! already know that. Look forward to plenty more of these kinds of services from eager programmers in the coming months.

Some thoughts

Purely random thoughts today – it’s one of those days.

  • Have you ever noticed (maybe this is a South of England thing) how people say ‘I mean…’ all the time. It’s a bit like the word ‘like’ that seems to be injected into fairly random places in some American speakers’ sentences.
  • On the back of car park and cinema tickets there’s always a note that says ‘advertise in this space, call….’ and almost never an actual advert. That seems like a pretty bad sign (if they never have any actual advertisers), and surely discourages others from taking up ads there?
  • Do petrol tanker lorries run out of petrol very often? If so, are they allowed to use their own supplies?

Been incredibly busy lately creating websites (or rather, the system to create websites… the mother of all systems). Back to blogging shortly.

 

MIME Injection in web forms

I’m now getting daily (or more frequent) attacks on various web forms I have around the Internet. The characteristics are always the same: an automated bot seeks out a form that looks vaguely like a contact form. It then tries to iterate through each field, injecting a newline character and some MIME headers. An AOL address is BCC’ed, so the attacker can see which exploits were successful.

Presumably, once the attacker hits a vulnerable form, the spam begins. Fortunately this has yet to happen here, but it’s undoubtedly going on all over the place.

Rather interestingly, MIME headers are put in – this could have the action (if done the right way) of hiding the original webform from the spam recipient, getting straight to the spammer’s message instead.

To date, I’ve had attacks with BCCs going back to jrubin3546@aol.com, bergkoch8@aol.com and mhkoch321@aol.com

To protect yourself against these attacks, make sure that any web forms you use remove newlines from user input – particularly those that might reappear in headers. In PHP, for example, use something like $usermail=str_replace("\n","",$usermail); (and similarly for \r).
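A stricter variant of that advice, as an added example that is not code from the original post: instead of stripping newlines, it rejects any submission whose header-bound fields contain CR or LF, validates the address, and logs the rejection so the probes show up in the server log. The field names and the example.org addresses are assumptions.

```php
<?php
// Added example, not the original post's code. Field names and the
// example.org addresses are assumptions.

const FORM_RECIPIENT = 'owner@example.org';
const FORM_SENDER    = 'webform@example.org';

// True if the value contains CR, LF or NUL and so could begin a new header line.
function has_header_break(string $value): bool
{
    return preg_match('/[\r\n\0]/', $value) === 1;
}

// Returns the arguments for mail(), or null when the submission must be rejected.
function build_contact_mail(array $form): ?array
{
    $email   = (string)($form['email'] ?? '');
    $subject = (string)($form['subject'] ?? '');
    $message = (string)($form['message'] ?? '');

    // Check the raw values: every field that reaches a header must be one line.
    if (has_header_break($email) || has_header_break($subject)) {
        return null;
    }
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return null;
    }

    // Fixed From address; the visitor's address only ever appears in Reply-To.
    $headers = 'From: ' . FORM_SENDER . "\r\n" . 'Reply-To: ' . $email;
    return [FORM_RECIPIENT, $subject, $message, $headers];
}

// Constructed sample submissions: one normal, one carrying an injected header.
$samples = [
    'clean'    => ['email' => 'visitor@example.com', 'subject' => 'Hello', 'message' => "Hi,\nnice site."],
    'injected' => ['email' => "visitor@example.com\r\nBcc: probe@example.invalid", 'subject' => 'Hello', 'message' => 'x'],
];

foreach ($samples as $label => $form) {
    $args = build_contact_mail($form);
    if ($args === null) {
        error_log("contact form: rejected '$label' submission (header break or bad address)");
        echo "$label: rejected\n";
        continue;
    }
    // A real handler would call mail(...$args) here.
    echo "$label: accepted\n";
}
```

The message body is allowed to span several lines because it is placed after the headers; only values that are concatenated into a header need the single-line check.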

Elsewhere on the Internet, this recent ‘wave’ has been discussed, and a quick Google finds a few articles of interest:

New Orleans

On Flickr right now, a wide array of photos from New Orleans and many other affected areas following the devastation of Hurricane Katrina. In particular, have a look at this collection, amassed from various sources.

A post from Dave Winer: "On CNN, Aaron Brown asks what the city will look like when the water recedes. The correct answer … is that the water isn’t going to recede. The only way to get the water out of the city is to pump it out…" – consider this diagram (the cross-section, bottom right of the pic) to see why this comment is quite true.

Yahoo! and Altavista

As far as I can tell, Yahoo! own Altavista. This is almost certainly old news, but slightly embarrassingly I’d never spotted it before. Altavista is owned by Overture, which is in turn owned by Yahoo!

Only happened to spot this when I saw that Altavista.pl is hosted within Yahoo!’s IP range.