Priceless!
Social Networking Wars
Sep 8
Most people know about computer viruses, but very few people are aware of the danger posed by malicious websites.
If you are not careful, malicious websites can steal your personal data by using vulnerabilities in certain websites. These kinds of attacks are generally referred to as cross-site scripting or XSS, and in general, it is very hard to be sure that a website you visit is not vulnerable to such attacks.
Logo Designer David Airey lost his domain as a result of an XSS attack, and a while ago Friendster suffered from a similar attack.
One precaution you can take against such attacks is to have multiple browsers on your computer, and use separate browsers to access sites with different trust levels. I divide up the sites I visit into three trust levels and use three different browsers to visit each category. One is for my primary email and banking etc. The second is for my secondary email (no personal stuff), blogs and other known sites. And finally the third where I visit sites from search engine results or other untrusted sources. This might sound paranoid, but when it comes to computer security, a certain amount of paranoia is essential, especially if you are using it for your business or professional use.
Another common mistake is to log in to your mail and other accounts from internet cafes while travelling. You can never be sure when a computer at an internet cafe has a key logger or other malicious software installed, either by an unscrupulous employee or by another user or by a downloaded virus. Set up a temporary email account for use while you are traveling, and have your other email accounts forward the email to this account. This does not guarantee safety, but at least it will minimize the risk.
For higher security, you really need to dig deeper into computer security issues. This article at Wikipedia is a good start. But for most people, following a few reasonable precautions like the ones mentioned above can offer a good enough safety net.
Read about how a GMail vulnerability resulted in logo designer David Airey losing his domain name -
Google’s GMail security failure leaves my business sabotaged
In short, check the filters in your GMail settings, and make sure that there are no filters there forwarding your email to an unknown address.
Update – Some suggestions for safeguarding against malicious websites
The meaning of drive
Dec 20
This has to be one of the most touching personal anecdotes I have ever read.
A. C. Lyles, a producer at Paramount who worked at Paramount for over 60 years -
When I was 10 [in 1928] I wanted to make movies…
After four years in the job [he was then 14] I eventually met Adolph Zukor… when he came to Jacksonville. I asked him to let me come to Hollywood to work for him. He said, “Well, you’re just a kid, but you’ve been working for Paramount now for four years at the theater. So you finish high school, keep in touch, and I’ll hire you when you get out of high school.”…
So I wrote him every Sunday for four years.
Read the rest at Marc Andreessen’s blog.
One of the pains of using CruiseControl is that setting up and configuring it is not very intuitive, especially when you only need to change it every six months or after a hard disk crash.
Julian Simpson shows how to keep the CC configuration file in the version control system, and use a bootstrapper to apply the configuration whenever it changes – Configuring CruiseControl the CruiseControl way.
Or, you can switch to Hudson
Groovy rocks!
I have used Groovy swing builder before to layout some basic Swing UIs, but recently I used it for the first time for some real scripting. It was a script to do some database maintenance, and I was amazed at how easy, fun and productive Groovy can be.
What surprised me most was how easy it was to refactor as I went along. I had assumed that it would be inherently more difficult to modify it without static typing and full IDE support. Not the case at all, although it was a single script, and so things might be different if it is a Groovy program spread over multiple scripts.
Incidentally, the Codehaus Groovy Closures page has the easiest to understand explanation of what curried functions are -
You can fix the values for one or more arguments to a closure instance using the curry() method from the Closure type. In fact, this action is often referred to as currying in functional programming circles, and the result is generally referred to as a Curried Closure. Curried closures are very useful for creating generic closure definitions, and then creating several curried versions of the original with differing parameters bound to them.
I had glanced over curried functions in the past, and it always looked like something that I would have to sit down and write some code to fully understand. But this explanation just clicked instantly. Thanks to whoever wrote this; I am sure I will find a use for it again soon.
One of my favourite settings in IDEA is to turn on the ‘Add unambiguous imports on the fly’ option.
With this on, if you type a class name, and that class is unique in the project libraries, IDEA automatically adds an import for that class. No need to stop typing to press ALT – ENTER.
So, I updated to IDEA 7 and found this wasn’t working anymore. Even more annoying, I couldn’t find this option in the settings. Turns out this setting has a new home.
In IDEA 7, it has been moved to Settings|Code style|Imports.
Ref – EAP 7087 Release Notes
Say goodbye to the code tag.
Wordpress.com blogs have a new shortcode to post source code with syntax highlighting.
http://wordpress.com/blog/2007/09/03/posting-source-code/
If you find that you can’t get it to work, make sure that you have typed in the shortcode, and not copied the snippet from the FAQ entry.
When copied, the snippet contains invalid markup. See if you can spot the difference -
sourcecode language='css']...[/sourcecode
sourcecode language=’css’]...[/sourcecode
Friendster hacked
Aug 16
(or how to use Firefox web developer to impress your wife)
Looks like Friendster is suffering from some kind of CSS attack.
So, if your Friendster profile page is showing up a blank page, go to this link – Friendster Hacked and follow the instructions there to fix it.
Now on to how Chris Pederick’s Web developer made me look like a hero (at least in my wife’s eyes) :-
Wifey comes home and tells me her Friendster site is not working. Being the good samaritan that I am, I immediately open up my browser to have a look. The page shows up all blank, so of course the first thing I do is View – Source.
All the page data is there in the source, it just isn’t showing up.
Hmmm…time to download and install Web Developer and Firebug in her browser. That done, the following few steps led to resolution of the problem :-
Using Web Developer extension -
1. Try Disable -> Javascript – no effect
2. Try CSS -> Disable Styles -> All Styles – Cool! The page shows up without all styles; time to narrow it down
3. Try CSS -> Disable Styles -> Embedded Styles – The page shows up
(CSS -> Disable Styles -> Inline Styles has no effect, so the problem is in an embedded style)
4. Do CSS -> View CSS – All the different styles are listed in a new tab. Luckily there are only two embedded styles, and one of them immediately seems like the problem -
Embedded Styles from http://www.friendster.com/user.php?uid=XYZ
body {background-color:#ffffff;
background-attachment:fixed}
.commonbox h2 {background-color:transparent; color:#ffffff}
.commonbox {border-color:transparent}
div{display:none}
Back to View – Source, and a search for div{display:none} brings up the offending code -

Ha! I actually LOL when I saw this.
It was easy to fix this after getting so far. Go to the Profile page, bring up the edit box for the shout out. For my wife’s account, it came up as this -

Remove, reset and save, and the profile was back to the way it was.
After fixing it, I google for friendster hacked, and one of the first few links is the one mentioned above.
Darn! Could just have googled first, but then I would have missed out on having all this fun, and my wife wouldn’t have been as impressed he he.
BTW, anybody at Friendster looking for an exceptional software developer?
P.S. If you use Firefox, go get the web developer extension. It is priceless for the web developers and the power users alike.
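The manual narrowing-down above (disable embedded styles, then read them in View CSS) can be automated for a saved copy of a profile page. This is an added example, not part of the original post; the sample page is constructed around the rules from the View CSS listing, and `BROAD_SELECTORS`, `StyleCollector` and `find_page_hiding_rules` are hypothetical names.

```python
import re
from html.parser import HTMLParser

# Selectors broad enough that hiding them blanks most of a page (assumed list).
BROAD_SELECTORS = {"*", "html", "body", "div", "table", "td", "span", "p"}
RULE = re.compile(r"([^{}]+)\{([^{}]*)\}")
HIDES = re.compile(r"display\s*:\s*none|visibility\s*:\s*hidden", re.I)

# Constructed page: the rules from the View CSS listing above inside made-up markup.
SAMPLE_PAGE = """<html><head>
<style>.profile {color:#333} .tooltip {display:none}</style>
</head><body><div class="commonbox"><h2>Shoutout</h2>
<style>body {background-color:#ffffff;
background-attachment:fixed}
.commonbox h2 {background-color:transparent; color:#ffffff}
.commonbox {border-color:transparent}
div{display:none}</style>
</div></body></html>"""


class StyleCollector(HTMLParser):
    """Collects the text of every embedded <style> block, in document order."""
    def __init__(self):
        super().__init__()
        self.blocks, self._in_style = [], False

    def handle_starttag(self, tag, attrs):
        if tag == "style":
            self._in_style = True
            self.blocks.append("")

    def handle_endtag(self, tag):
        if tag == "style":
            self._in_style = False

    def handle_data(self, data):
        if self._in_style:
            self.blocks[-1] += data


def find_page_hiding_rules(html):
    """Return (style block number, broad selectors, declarations) for hiding rules."""
    collector = StyleCollector()
    collector.feed(html)
    findings = []
    for number, css in enumerate(collector.blocks, start=1):
        css = re.sub(r"/\*.*?\*/", "", css, flags=re.S)  # drop CSS comments
        for selectors, declarations in RULE.findall(css):
            broad = [s.strip().lower() for s in selectors.split(",")
                     if s.strip().lower() in BROAD_SELECTORS]
            if broad and HIDES.search(declarations):
                findings.append((number, broad, " ".join(declarations.split())))
    return findings
```

A class-scoped rule such as `.tooltip {display:none}` is not reported; only rules that hide a bare element selector are, which is the pattern that blanked the profile page.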
A 40 minute talk by Douglas Crockford on the beginning of JavaScript, JSON and JSLint, lambda expressions in JavaScript, and how he went from thinking of JavaScript as moronic to loving it -