Firefox extension for porn: Thumbs
Tired of clicking hundreds of text links in TGPs just to get to the 10% of galleries with the good stuff? Thumbs shows the first thumbnail from each linked gallery, so you can just middle-click the ones you want.
Custom 404 page
www.squarefree.com now has a custom 404 page.
Porn sites recommend Firefox
IMPORTANT-Make sure you read this before using links on this page. Due to the ever increasing amount of nasty scripts and spyware being installed on peoples computers the ONLY browser I recommend for these links is FireFox.
U.S. Department of Homeland Security recommends not using Microsoft's Internet Explorer because of security vulnerabilities... More details.
Thanks to Asa for some of these links.
Update Sept 25, 2004: As part of my efforts to promote Pornzilla, I asked these sites to link to Pornzilla in addition to Firefox.
Opera's least popular feature comes to Firefox
The adbar extension displays Google ads related to pages you view. It works in Firefox 0.9+.
Hidden search results - answer
Michael Lefevre and mpt gave correct, but incomplete, answers to the question in my previous blog entry in their comments. Part of Michael's answer:
You'd have to work out which bits of closed bugs should be queryable (if you give any indication of a result based on, say, summary or comment queries, you could be disclosing important bits of the closed bug).
Indicating hidden results for a summary query would indeed disclose an important bit of the bug: its summary. First, the attacker would query for bugs with summaries starting with "a", "b", etc. Discovering that at least one hidden bug's summary begins with "b", the attacker would query for bugs whose summaries start with "ba", "bb", etc. After a few hundred more queries, the attacker would have the entire summary.
Hidden search results
Google sometimes hides search results to ensure that search results are varied:
In order to show you the most relevant results, we have omitted some entries very similar to the 15 already displayed. If you like, you can repeat the search with the omitted results included. [foo site:squarefree.com]
or due to bad laws:
In response to a complaint we received under the Digital Millennium Copyright Act, we have removed 1 result(s) from this page. If you wish, you may read the DMCA complaint for these removed results. [scientology site:xenu.net]
Bugzilla also sometimes hides search results, to protect confidential bugs such as undisclosed security holes. Unlike Google, Bugzilla doesn't tell you that there are hidden results for your search. This caused me to worry that potential employers would think I can't count. It also makes it impossible for Peter(6) and others to tell exactly how many release blockers there are.
When Bugzilla hides search results from you, why doesn't it inform you like Google does?
Hint: while "Because nobody implemented that feature" may be technically correct, that's not the answer I'm looking for.
Some people are never happy
- 114061 - Red star default desktop icon is offending to many people.
- 222306 - Bird head of real Firebird logo in page header logo looks like a goose on fire.
- 233525 - Background of Download Manager looks like one-finger-salute.
- 246760 - New default theme looks like it was made be a 3 year old.
- 254287 - Icon for 'Switch to an alternate stylesheet' looks like a soy bean speared by a hairclip.
Bounties
mozilla.org now has a security bug bounty program, which offers $500 to people who discover "critical" security holes. Meanwhile, Microsoft offers a $250,000 bounty for catching virus authors.
Preventing browser UI spoofing
The problem of web sites being able to spoof browser UI was on Slashdot recently. This is a hard problem that browser vendors have known about for a long time.
The most popular solution, preventing web sites from disabling the status bar, is insufficient. Keeping the status bar always on would only keep malcious sites from spoofing https sites. In contrast, keeping the address bar always on would keep malicious sites from spoofing all web sites. Keeping the address bar always on would also be more effective at preventing web sites from spoofing native applications.
One argument for using the status bar is that it's smaller than the address bar. But it's only about 8px shorter if we use small-icons mode for pop-ups, and we can probably make it even shorter.
One suggestion was to show the hostname in the status bar. The hope is that users would then look there instead of the address bar to verify what site they're on. I don't think enough users would change their habits for this to work. It would also require cluttering the status bar in ordinary windows, which seems like a high price to pay to save 8px in pop-up windows.
Whatever we choose (address bar or status bar), we can do things to avoid breaking existing web sites. If a web site requests a 400x300 window without an address bar, we can give it a 400x334 window with an address bar. We can add a menubutton to the address toolbar in pop-up windows with menu items "Restore toolbars", "Hide address toolbar", and "Hide address toolbar in all pop-ups from https://gmail.google.com/".
Pornbar for Firefox
Inspired by the Bible Toolbar extension for Firefox, Billistic made Pornbar. Sadly, he based his extension on the Eurekster toolbar, not the Bible Toolbar.
Update August 15: Pornbar is now listed on the Pornzilla site.
