Flash bookmarklets

The new Flash bookmarklets let you pause, rewind, and fast-forward Flash movies.

They require Scriptable Flash, so they only work in Internet Explorer and Mozilla and only on Windows (Linux: 211218; Mac: 203861).

Posted on October 31, 2003 at 03:58 AM in Bookmarklets | Comments (3) | TrackBack (0)

SCAMfest 2003

The 8th annual Southern California A Cappella Music Festival will be Friday Nov 7 at 8pm. Last year's SCAMfest was amazing, so if you're in the Los Angeles area, you should come.

Eleven college a cappella groups will perform this year:

Tickets will be available starting tomorrow at the ASPC office (above Edmunds Ballroom at Smith Campus Center at Pomona College) for $5. If you live in the Los Angeles area and want to come, tell me so I can get you a ticket. Or call Lisa D'Annunzio from the Claremont Shades at [phone number removed after SCAMfest] to reserve a ticket to pick up the night of the concert. The concert will be in Bridges Auditorium aka Big Bridges on Pomona College.

Posted on October 30, 2003 at 12:53 AM in Mudd, Music | Comments (2) | TrackBack (1)

Google Cache and slow CSS

If you use Google Cache when a server isn't responding, and the page uses an external style sheet, you won't be able to see the cached page. The reason is that most browsers block page display while waiting for the style sheet to load, and Google doesn't cache CSS or images. This limits the usefulness of Google's cache, especially now that CSS is popular.

Google could cache CSS along with HTML. To avoid spidering and storing every page's CSS, Google could proxy CSS loads for Google Cache users, and have the proxy time out after 5 seconds. But both of these solutions might use a lot of bandwidth.

Google could add code to cache pages to make CSS load later or in a non-blocking fashion. This has the disadvantage that when the server is responding, the page will be presented unstyled for a split-second. Since some Google users use the cache even when the site isn't down, this would be bad.

I hoped there would be a way for Google to add code to cache pages to stop blocking loads that are taking too long. JavaScript can detect a slow load: call setTimeout above the LINK element, and call clearTimeout in another SCRIPT element below the LINK. But the function setTimeout activates can't cancel the load by disabling the style sheet, changing the LINK's href, or removing the LINK element from the document. Browser makers didn't anticipate JS trying to cancel a blocking load. (Removing the LINK element from the document even crashes IE.)

Another solution is for browsers to make CSS loads block less:

  • 84582#c11 - CSS loads should stop blocking layout if they take more than a few seconds
  • 220142 - Pressing Stop while waiting for CSS should finish displaying what has been loaded before stopping.
  • 224029 - JS can't cancel blocking load of a style sheet
Posted on October 29, 2003 at 12:02 AM in Google, JavaScript, Mozilla | Comments (2) | TrackBack (0)

Clever blogspammer

A spammer posted the following comment on my old blog post Chrome URLs in Mozilla and Mozilla Firebird yesterday:

I've been a long time user of both IE and Netscape. Now I'm using Mozilla and Firebird. Although I'm a fan of Mozilla and Firebird and have recommended it to friends.

The poster's URL had a spammy-looking domain name ("success-biz-replica"), but the site itself didn't look too spammy and the comment seemed fairly on-topic, so I didn't delete the comment. But today I stumbled on a very similar comment here and realized the comments were spam. The spammer probably decided to spam blogs mentioning Mozilla because those blogs are likely to have high Google PageRank.

I went into my web server logs to see what search phrase she used. I figured it would be something like mozilla "post a comment" "remember personal info" but I wanted to see the exact search phrase. I searched for the poster's IP address and found this:

193.230.197.6 - - [26/Oct/2003:11:07:05 -0800] "GET /archives/000007.html HTTP/1.0" 200 12252 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Alexa Toolbar)"

There was no referer, which probably just means she hid the referer intentionally. But I noticed something else: she used Internet Explorer to post the comment.

I deleted the comment.

Posted on October 28, 2003 at 12:29 AM in Blogging, Google, Mozilla, Spam | Comments (7) | TrackBack (0)

Fire

I started seeing and smelling smoke yesterday. Today, the fire became visible on the hills north of the colleges. There was a fire on the same hills last year. But last year, smoke and ash didn't reach campus, probably because the wind was different. Last year's fire was fun to watch. But this time, being outside at all is unpleasant because of smoke and because of ash getting into our eyes. And this time, several suburban houses have already been destroyed, only a day or two into the fire.

My dorm room smells like smoke even though I haven't opened my window, so some smoke must be getting past the air conditioner's filter. Adam Bliss told me that even the underground Libra complex smells like smoke.

Most of the pieces of ash are tiny, but Jessica Nelson and I found part of a burnt leaf on the ground. It is about an inch long.

Posted on October 26, 2003 at 03:46 AM in Mudd | Comments (2) | TrackBack (0)

Firebird patches

I attached simple patches to 3 Firebird bugs:

213377 [5] - Cannot stop animation with stop button or escape key
216722 [3] - Inital focus in Help|About Mozilla Firebird should be "OK"
218146 [0] - mousedown on tab and drag out still switches to tab (fix: switch onmousedown instead of onclick)

I hope my patches fare better than the ones mentioned in this forum thread.

Posted on October 24, 2003 at 08:38 PM in Mozilla | Comments (1) | TrackBack (0)

Google spell correction

schwarzenator
governator
jessie ruderman
misdeception

Posted on October 24, 2003 at 01:05 AM in Google | Comments (0) | TrackBack (0)

Google fails to predict who I will marry

I have mentioned 8 females on my blog who are about my age. Their first names are Aurora, Erika, Helen, Kay, Michaela, Pamela, Sara, and Selene. I searched Google for these first names with my last name (for example, 'Helen Ruderman'). My rank is between #1 and #4 for each theoretical full name.

My rank for each name does not correlate well with my how likely I think it is that I'll marry each girl, crush strength, or even how well I know them (|r| < 0.3 for each).

Three of the theoretical full names are "taken" -- people with those full names exist. Surprisingly, there is no correlation between my rank and whether the full name is "taken" (r=0.127 in the expected direction). In one case, part of my site ranks #1 even though 3 sites mention a person who actually has that full name. In another case, nobody has the full name, but part of my site ranks #4.

Posted on October 24, 2003 at 12:35 AM in Google | Comments (0) | TrackBack (0)

Another Google security hole

This simple hole allows any site to change your Google preferences behind your back. Someone could change your Google interface language to Pig Latin. (Why Pig Latin rather than, say, Russian? It's more fun, and the "Google.com in English" link isn't as obvious when the surrounding text looks like English.) Someone could make your searches only turn up English results. Worst of all, someone could stop you from using Google to search for porn by turning on SafeSearch.

Slashdot's solution to this type of hole is "formkeys". I don't know how other sites solve it. But one incorrect solution is to check referers.

Posted on October 23, 2003 at 09:30 PM in Google, Security | Comments (2) | TrackBack (0)

Minor security hole in Google

Webmasterworld's "hitchhiker" and I found a security hole in Google today. He searched for something like "this can't be true" and his browser reported a JavaScript syntax error. I pointed out that with a carefully constructed query string, you can get Google to spit out something syntactically valid that does whatever you want. For example:

http://www.google.com/search?q='+alert(document.cookie)+'
causes Google to generate the following onClick attribute: onClick="c('http://images.google.com/images?q='+alert(document.cookie)+'
&hl=en&lr=&ie=UTF-8&c2coff=1&safe=off','wi',event);"

If you follow the link and click a tab (web, images, groups, directory, news), you'll see your Google cookie in a dialog.

Hitchhiker responded:

I just can't believe G made that kinda mistake.

ESCAPE ESCAPE!

Escaping is not always the best solution. When I found a similar hole in some JavaScript code in Mozilla, ducarroz's solution was to use an alternative window.setTimeout syntax. The normal version of setTimeout takes a string to be parsed and executed; the alternative version takes a function and parameters. Instead of escaping the untrusted input, we avoided parsing a string containing the untrusted input.

Posted on October 23, 2003 at 08:15 PM in Google, Mozilla, Security | Comments (2) | TrackBack (0)

Vons.com supsends delivery service due to strike

Retail clerks and meat cutters initiated a work stoppage at the three major Southern California grocery store chains, including Vons. This labor dispute has affected operations at stores that fulfill Vons.com orders. As a result, we have suspended delivery operations for the time being. We will notify shoppers when Vons.com deliveries will resume. Thank you for your patience.

The words "strike", "union", and "health care" are notably absent from this statement shown to Vons.com customers.

I also tried signing up for Albertsons.com, which I had never used before. Albertsons.com has also suspended its service. Like Vons, Albertsons avoids the word "strike", but at least it doesn't hide "labor dispute" in the middle of a paragraph and try to blame its employees.

Unfortunately, due to a labor dispute, Albertsons.com is unable to serve you today.

We are sorry for the inconvenience and hope to resume our online service as soon as possible.

I might have to beg for a ride (or walk) to a physical grocery store for the first time in a year. I haven't decided whether to cross the picket line at the local Vons or find a non-unionized grocery store.

Posted on October 22, 2003 at 03:45 AM in Mudd | Comments (7) | TrackBack (0)

Browser stats for squarefree.com

Mozilla: 59.6% (76.6% Firebird)
MSIE: 27.5%
Opera: 2.3%
KHTML: 1.2%

Other: 9.4% (includes robots)

Posted on October 21, 2003 at 01:49 AM in Mozilla | Comments (1) | TrackBack (0)

Default major

Sara Saperstein told me that at Reed, students who don't know what major they are often become psychology majors. Partly as a result of this, the psychology major isn't as challenging or as interesting as it should be. Sara is no longer a psychology major.

At Mudd, engineering is the (unofficial) default major. Engineering is also the most difficult major in terms of course load: it has difficult labs, 3 semesters of Clinic, and allows students only 1 free elective for their entire 4 years. I don't know why it's the default major despite being so hard.

Do other colleges have "default majors"?

Posted on October 19, 2003 at 03:20 PM in Mudd | Comments (3) | TrackBack (0)

The ultimate Engrish phrase?

"Eternal Engine of Linguistic Massacre", a song title translated from Japanese, seems to sum up the entire Engrish phenomenon. It is song 5 on the second CD of the soundtrack of a Japanese game called Valkyrie Profile. But when I found the original title of the song and showed it to Gabe, he decided it was translated correctly and didn't make any more sense in Japanese.

Posted on October 19, 2003 at 03:00 PM in Humor | Comments (1) | TrackBack (0)

Friends don't let friends use IE

Pop-ups kill.

Posted on October 14, 2003 at 05:05 PM in Humor | Comments (2) | TrackBack (2)

Laid to governation

Gabriel Neer: "Governating the countryside! Governating the peasants! Especially the women!"

Posted on October 12, 2003 at 11:26 PM in Humor, Politics | Comments (0) | TrackBack (0)

National Novel Writing Month

My girlfriend is going to participate in National Novel Writing Month. She assures me that I will see her at least once during the month of November.

Posted on October 11, 2003 at 07:41 PM in Mudd | Comments (0) | TrackBack (0)

False fire alarm

South has about one false fire alarm a year, usually due to kitchen non-fires. When there was a fire alarm at 6:50am last Friday, many students stayed in their rooms the whole time. I do not think this is a coincidence.

I took time to get fully dressed, and even then I was one of the first students in the parking lot. Only a third of the students in the dorm came to the parking lot during the 10-minute alarm. Some students came out of their rooms briefly, saw Michaela waving her burnt toast around, and went back into their rooms. The rest either slept through the alarm (unlikely, given how loud it is) or decided to stay in bed.

In California, it is illegal to "impair the effective operation of a [fire-protection system], so as to threaten the safety of any occupant or user of the structure in the event of a fire". So it's clear that we can't reduce the sensitivity of alarms in the dorm just because we find false alarms annoying. But what if we think a reduction in the false alarm rate would make residents take fire alarms more seriously? Could we argue that making the detector near the kitchen less sensitive would make the alarm system "less impaired"?

Cornell University has taken steps to reduce false alarm rates in dorms. They were able to do so with the encouragement of the Ithaca Fire Department and presumably without breaking any New York laws. This is encouraging, even though I live in California.

Posted on October 11, 2003 at 06:02 PM in Mudd, User Interfaces | Comments (3) | TrackBack (0)

What's new in Mozilla Firebird 0.7

If all goes well, Mozilla Firebird will be released early next week. Here's a list of changes since 0.6 that I consider important.

Continue reading "What's new in Mozilla Firebird 0.7"
Posted on October 10, 2003 at 05:44 PM in Mozilla | Comments (13) | TrackBack (5)

Upcoming birthday

I will turn 21 on October 13, 2003.

On an unrelated note, here's the list of Mozilla bugs I reported that are still open and the list of bugs I'm voting for.

Posted on October 01, 2003 at 02:21 AM in Mozilla | Comments (6) | TrackBack (0)

Strong Bad + Lord of the Rings =

Dan Cicio and Pamela Rettig outdo Strong Bad in their modification of Strong Bad's Kids' Book.

Posted on October 01, 2003 at 02:15 AM in Humor | Comments (1) | TrackBack (0)

Failed Romance

Eleanor Casey: Failed Romance.

If you really must write your own [romantic poem], then remember - it doesn't have to rhyme. Specifically, you should never ever ever try to rhyme the girl's name with something. Never. Even more specifically, do not try to rhyme "Eleanor" with "smell of her". No.

If I ever write a poem comparing Helen to cantaloupes, I will be sure not to mention the process of smelling the melons to determine ripeness.

Posted on October 01, 2003 at 01:33 AM in Humor | Comments (0) | TrackBack (0)

Why study acquisition of language?

I'm taking a Pomona class called Acquisition of Language. Here are some notes from the first day:

Why study acquisition of language?

  • Lets you see mechanisms behind language.
  • You can see dramatic changes over short periods of time. For example, most kids start having real conversations around 3 and a half.
  • Kids are cute.

I like this class.

Posted on October 01, 2003 at 01:17 AM in Linguistics | Comments (0) | TrackBack (0)