Yes, I know it's late

Posted on March 21, 2002 by Pace Arko

Macromedia is planning an evangelizing tour to tout the new accessibility features of Flash MX. Considering the legions of Flash designers out there that probably may never learn how to design Flash objects accessibly one wonders if an upgrade and a few tutorials will help. It is true that Flash finally supports MSAA (Microsoft’s Accessible Technologies API) and that should improve things a bit on Windows platorms. I don’t know about other platforms though and, considering some of the rather egotistical statements about Flash replacing ordinary Web pages entirely, I am not too hopeful.

Posted in The Internet, Webmastering | Comments Off on Yes, I know it's late

Links!

Posted on March 20, 2002 by Pace Arko
Posted in Computer Support, Security and Privacy, The Internet | Comments Off on Links!

Okay. This is just too nifty to pass up

Posted on March 13, 2002 by Pace Arko

Wolfram Research has a form that lets you enter equations and have them integrated. This is really really neat! Takes me back to my old calculus days. Obviously it’s a drag to do this all in ASCII. This means that you are forced to do stuff like, Legendre[n,x] for Legendre functions (A type of differential equation that often occurs in physics.) and (((x^x)^x)^x)…^x. (Where x equals the number of powers x is raised to, in other words tetration.) but so it goes. It’s also rather irritating that the output is as an image.

Mozilla finally supports MathML (A markup language specifically designed for mathematical expressions) but I know IE doesn’t. I’ve always found it deeply ironic that the Web was created by a bunch of physicists and mathematicians, yet they added MathML only as an afterthought. What was Tim Berners-Lee thinking when he omitted this?

Posted in Science and Engineering | 2 Comments

Holovision!

Posted on March 7, 2002 by Pace Arko

I guess this is some contradiction to my earlier post about all the unrealized dreams of science fiction but, I just came across a company that makes three-dimensional viewing systems. This isn’t merely three-dimensional rendering on a CRT or LCD screen. This is real holovision.

Posted in Science and Engineering | 2 Comments

The W3C Rejects RAND!

Posted on February 26, 2002 by Pace Arko

The World Wide Web Consortium today rejected the RAND proposal I spoke of here a few months ago. This means that key Web protocols, standards and technologies will remain royalty free and open for all users. The little folks win out against the corporate organisms!

As such I have taken down the protest badge that I placed over my validation badges.

Posted in The Internet, Webmastering | Comments Off on The W3C Rejects RAND!

Why I Don't Read Science Fiction Anymore

Posted on February 26, 2002 by Pace Arko

When I read stuff about giant arcologies and I note that hardware stores still don’t sell robot housekeepers or personal jet packs, I just sigh. Hopefully I’ll see these things before I die.

Posted in Science Fiction, The Future | Comments Off on Why I Don't Read Science Fiction Anymore

Yes, CSS-based layout is better

Posted on February 24, 2002 by Pace Arko

Despite what older and supposedly wiser heads say, layout tables are evil.

Posted in Webmastering | Comments Off on Yes, CSS-based layout is better

The cyberpunk movement got it wrong

Posted on February 24, 2002 by Pace Arko

Asia will be old hat, along with Europe and North America, when nano and AL really get going. I predict the real interesting technological churn will happen in the finally developed, finally stable countries of Africa. Think I’m nuts? Stranger things have happened. Never say never.

Posted in Science Fiction, The Future | Comments Off on The cyberpunk movement got it wrong

Lego: The Best Toy in the World

Posted on February 24, 2002 by Pace Arko

When I was a kid back in the Seventies, they just started to import these really neat robot toys and models from Japan. This was about twenty years before the word anime came into the common English. Anyway there’s this guy named Sun Yun who builds robots, in the Japanese science fiction style, out of Lego. Apparently he’s not the only one.

Lego is ideal medium for building robots, as anyone whose ever played with MindStorms has found out. I’ve read that lots of budding engineers at MIT use it all the time.

Posted in Games, Science and Engineering | Comments Off on Lego: The Best Toy in the World

Reducing the Chance of Greymatter Script Hacks

Posted on February 17, 2002 by Pace Arko

The Greymatter script, while excellent in almost every aspect (A tip of the Farlopsian hat to Mr. Grey!), needs a little help so that, after installation, it runs in a secure fashion. For example, many of the forms it uses send the author’s username and password as unencrypted text between client and server. Actually this is problem that many perl server scripts have, and if you don’t take precautions, you’re one packet sniff or hack away from getting your script and maybe the rest of your server, owned.

Anyway, I imagine a lot of the savvy Web builders knew this upon installation and thus took cautionary measures. However there might be some inexperienced users out there who’ve just installed Greymatter and may be unaware of how to stop the hack Dangerous Monkey publicized.

Pretty simple to state:

  1. Make certain that the directory Greymatter generates pages to forbids file structure browsing to unauthorized users. Don’t do this in other words. This can be done via .htaccess or by putting an default page in place.
  2. Don’t use the IE-based bookmarklets Greymatter offers, at all. And erase any files labeled gmrightclick[some number].reg in the journal directory to prevent dictionary attacks. [Recent addition: Thanks to Noah (see below)!] I was informed that if everyone uses the “Clear and Exit” button on the bookmarklets page in Greymatter, it will automatically erase all registry files (files of the form gmrightclick[some number].reg.) in the journal directory. In other words, I spoke before I had all the facts. Using the bookmarklets page correctly will prevent the prevent this hack from occuring.

To secure Greymatter, or any server-side script in general:

  • Make certain all scripts are installed in directories that forbid file structure browsing to unauthorized users.
  • Tweak scripts and forms to use SSL for any password, username, credit card numbers, SSN or other information you don’t want packet sniffing to see. Unfortunately not everyone will be running their site on a server which allows users to use SSL. If not, well, I guess you’ll have to change your password frequently.
  • Make certain that any script passwords and usernames don’t correspond to root or system usernames and passwords.
Posted in The Internet, Webmastering | 2 Comments