I have had an issue with MSN for a while. I use Pidgin for my daily chatting because it has a Jabber/XMPP client embedded as well as support for a variety of other chatting systems such as gtalk.

Either way, I kept getting messages from random usernames when logged in. Today for the first time I got an actual person prettending to show a strip show or something.. What’s wrong with people? Seriously!

I think Carlin is probably one of the funniest comedians. The strange thing is that his humor is not just funny. It’s true.

George Carlin - Life is Sacred / Kill for God

Religion is Bullshit

I think comedy is the way we address certain stupid things we do that don’t make sense but we do them anyway. Did you know that KKK was not disbanded because of collective action, but by comedy? Yep, some smart people decided to spread their secrets on a Superman Radio show, and people realized how stupid their actions were.

Comedy is just great. It often is true.

The previous post was using the 1990 cencus data. I got the new data from
http://www.census.gov/geo/www/gazetteer/places2k.html
and updated the script.

Download: counties_in_states2.zip

For a project I was trying to figure out all the Counties in each state in the United States.
First I got a list at http://www.census.gov/datamap/fipslist/AllSt.txt.

The data is not very well formatted so I wrote a ruby script to import the data. According to this site http://www.usgs.gov/faq/list_faq_by_category/get_answer.asp?id=785 There are “3,141 counties and county equivalents in the 50 States and the District of Columbia”. Well the list above is not very accurate if this is the case. I was able to get find parse out only 2954 counties. The Census site says the data was collected in January 1, 1990. Hmm, that’s really out of date information. However, I am posting the code that I wrote to parse the file. You will need a mysql database and activerecord to run the script.

Download: counties_in_states.zip.

I always thought that web hosting companies would be decent enough to provide security but they do not.

They cannot protect you from people modifying dynamic content such as your blog. Here’s how it works.

When you upload your blog your hosting company, it will have a username and password for the database to which it should be connected to.

Each file has the following permisssions: your_username:your_username . The first item before the colon means that’s the username, and the second indicates the group. Yeah, you are a member of your own group. Stupid eh?

When you upload a file to your host, the default permissions are:

You can read and write into the folder/file
Your group can read and write into the folder
Everyone can read

Yeah, everyone can read. The reason behind this is that the webserver process, which runs under a different username, needs to read your files. What needs to happen is that a special group between you and the web server username needs to be created. Or the username of the webserver needs to be added onto your own username. That way, you can remove read access to everyone and give read access only to yourself.

This really sucks. If you are a savy user you can find several places where you can find usernames of people in the system. Sometimes, hosting companies place everyone’s username in a file for their benefit. Guess what if you thought that gave you security, tough luck.

Now you’re thinking, why on earth don’t they do this. The answer is stupid: they are lazy. They don’t want the overhead of troubles which comes with this configuration. Making sure a user is a member may require more time on their side. So, they say: Since you can’t afford to buy a VPS, you can’t afford to protect your data. Yep, they think like that.. Yet another wtf for the day!

Have you wondered how many characters does your browser allow you to enter in the Address Bar ?

Well, I was interested so I messed around:

Opera 9.6:  65,531

Firefox: Unlimited but you will soon run out of RAM. Mine spiked two 700MB in just less than a minute duplicating the url length

Chrome: 12,140

IE7: 2,048

Safari: Unlimited - Truly. It gets slightly slow but it doesn’t take loads of RAM like firefox

When talking about branding and websites I often feel like they slightly contradict each other, so balance needs to be carefully crafted. Branding is about establishing a presence that people recognize and apprecciate, while websites need to be more dynamic and changing over time.

A site from a couple years old, becomes stale and boring with regard to advertising. But a functional site changing all the time can be frustrating. The same goes for branding. I propose a new solution to the problem: Websites that resemble more to Netvibes; that is websites that allow the user to change the look/skin of the site. Instead of sending three comps to a client, make three skins and let users choose which one they want to use. The client’s perception can be the default one. So, everyone is happy and not conformist.

The reason why Gnome or Windows keep changing their look is about transmitting some kind of innovation. I get tired of looking all the time at the same color organizaiton and icons. I like to change things around, and it’s probably one of the main reasons I look forward to newer versions. In 2003-2004, there was a great movement in making chrome look pretty, but it wasn’t much of an improvement. Then, 2007 came around and they scrapped everything made earlier for bulkier click-focused interfaces. Luckily not everything changed. Then, Chrome came out and it removed most of the chrome. It almost feels that these strange refinements are just a way of transmitting a sense of change. Can we do the same for the web without the need to make people wait for years to see a new site?

Billions of animals are killed each year for food consumption. They are killed in factories, it’s bureaucratic, it’s efficient. What’s wrong with it? It bears an astounding similarity to Auschwitz-Birkenau, Bełżec, Chełmno, Majdanek, Sobibór, and Treblinka. While people during the holocaust were gassed, animals and birds are slaughtered: their throats cut and left to bleed to death.

If Germans had found a way to make the eradication of Jews a lucrative business, like the meat industry is today, they might have succeeded. People don’t care about who dies or lives as long as they get their food and indulge every so often in their cravings. Slavery didn’t become a problem in the west until it was among the westerners. If slavery was carried on in Africa, away from people’s eyes, it would still be a prosperous reality today. This idea is supported by the fact that in some countries in Africa and Asia slavery is still a way of life.

This is not a far fetched idea. It is a reality. The west lives on a compromise of ideals of what is infront of them and what is not aknowledgeable. People are slaughtered in thousands in unstale countries, and the west doesn’t care because it is not part of the daily lives of the westerners.

Ignorance is an interesting manner by which the brain protects the mind from unbearable shocks. For instance, amensia often is triggered because the brain cannot deal with reality. In the same way, conciously or unconciously, people in the west protect themselves from unbearable and unconfortable truths. Slaughter is bad, but we should keep it away from us.

Kill efficiently, in great numbers, and away from public eye, and you can be one of the most terrible human beings that will go unpunished. This is the truth, this is how we are, we don’t care. Is there a solution though?

Yes, there is. The solution is simple and scary at the same time: specialization. Humanity has managed to prosper and develop not because everyone is knowledgeable of the new advancements, but rather because people are specialized into those areas. Incentives are given for people to pursue research and dedicate their life towards their ideals.

The group of these chosen people is called government. It is the governement job to address such issues. It is our stance who promotes it, but unless we become aware of these horrible realities, nothing will change. Representatives won’t push agendas for which they don’t have support, and people won’t look at the uncomfortale truths, they are uncomfortable.

So what can be done? The only solution is mass information of such realities. Information is not suffficient alone. Experience speaks for 50% of the effort. There must be a way for people to be exposed on a large scale to the realities of these slaughter factories. Is the internet sufficient? Can videos of these slaughter houses or will people click on the next Paris hilton naked tape? Maybe there is time for both? Maybe… I hope so.

You will need the HTTP_Request library.

<?php
require(’HTTP/Request.php’);
$url = “http://app.domain.com/login.php”;
$req =& new HTTP_Request($url);
$req->sendRequest();
// Grab the html text
$html = $req->getResponseBody();
// Scrape the form
preg_match(”/<form(.*)?<\/form>/ms”, $html, $matches);
$form = $matches[0];
// Scrape all inputs
preg_match_all(”/<input.*?\>/ms”, $form, $matches);
?>

<form action=”http://app.domain.com/app2/authenticate.php” method=”post” id=”frm1″>
<?php foreach($matches[0] as $input) :?>
<?php print $input; ?><br/>
<?php endforeach; ?>
</form>

Finally add some javascript to populate the form fields and submit the form as you need.

There are several reasons why this might not work if you are doing XSS stuff.

1. A token maybe assigned to the session. Then you will need to grab the cookies and send them over to the user.

2. The cookie handling might not work because the Webserver might record the IP of the host and associate it with the cookie. Now this is not part of HTTP but it surely sounds very secure.

3. Javascript is used to alter the DOM tree. Then you need a rendering engine.

This is really aweful.

..

Call on Hormel to make changes for animals!