More Google changes

  • The maximum words per query has increased from 10 to 32.
  • If you click a word in your query, it now takes you to answers.com instead of dictionary.com. Answers.com shows not only dictionary definitions but also thesaurus entries, encyclopedia and Wikipedia articles, and several other sources of information.
Posted on January 26, 2005 at 03:16 AM in Google | Comments (9) | TrackBack (1)

Security advisories for old versions of Firefox

Dan Veditz has updated the Mozilla Foundation Security Advisories page with information about holes that were fixed for Firefox 1.0, Thunderbird 0.9 and 1.0, and Mozilla 1.7.5.

None of the holes were arbitrary-code-execution holes, which surprised me. The worst hole fixed for Firefox 1.0 was the javascript: Live Bookmarks hole, which required some user cooperation and allowed attackers to steal cookies and sometimes execute arbitrary code. In contrast, many previous Mozilla and Firefox releases included new fixes for memory management holes such as buffer overflows. Exploits for memory management holes are harder to write, but they allow attackers to execute arbitrary code without getting any cooperation from users.

Posted on January 25, 2005 at 09:45 PM in Mozilla, Security | Comments (10) | TrackBack (0)

Tom O'Malley-Finkel-Harris-Smith

Ever wonder what will happen when all the people with hyphenated last names start having grandchildren? Alaskan musician Lou Nathanson has an answer on his CD, Genetically Enhanced.

Posted on January 25, 2005 at 08:48 PM in Music | Comments (0) | TrackBack (0)

Bugfix for "Blogidate XML well-formedness"

The blogidate XML well-formedness bookmarklet now works for XML that is longer than several kilobytes. Previously, if it found an error in long XML, it wouldn't highlight the error or tell you what line it was on, and gave an error message instead. The fix was to add a Node.normalize() call before trying to extract the text of the error page generated by Firefox.

I primarily use this bookmarklet to help keep my blogs valid, but it also saves me time by catching errors that cause bad rendering in real browsers, such as forgetting to close a <strong>.

Original post about the bookmarklet

Posted on January 23, 2005 at 05:13 AM in Blogging, Bookmarklets | Comments (0) | TrackBack (1)

Updates on my life

Graduate school

I'm the TA for a discrete mathematics class. My responsibilities include running a Monday discussion, holding an office hour, and grading tests. I've led one discussion so far, and it wasn't as hard as I expected. One student even commented that I seemed to be prepared (hah!). In addition to TAing, I'm taking an undergrad class in cryptography and a graduate class in computability and complexity.

Overall, I'm not enjoying graduate school. I don't have many friends here, classes aren't particularly interesting, and I don't know what I'm going to research. I enjoy thinking about the computational complexity of puzzles and games, but that doesn't mean computational complexity research is for me. I'm interested in what it takes to write secure software and design secure user interfaces, but I don't know if those are real research areas.

Music

I'm no longer listening to Claremont Shades, USC Sirens, Blackmore's Night, Sting, Sixpence, Alanis, No Doubt, Vienna Teng, or Máire Brennan continuously. Instead, I'm listening to Evanescence - Fallen (mostly Bring me to Life, Whisper, and Imaginary), Joan Baez - Play Me Backwards (especially Stones in the Road and Through Your Hands), Strunz and Farah - Americas, and James Taylor - Greatest Hits continuously. I discovered Evanescence after hearing three college a cappella groups perform versions of Bring me to Life at two concerts in one weekend.

I found out that the song from Final Fantasy 6 that I feel like I've known forever is called "Terra's theme" or "Tina's theme".

Games

I'm addicted to a puzzle game by Pāvils Jurjāns called Net. I discovered it by reading Selene's game notes, which mostly covers RPGs. I think it is NP-complete, but I haven't thought about it carefully. I haven't played much Minesweeper (NP-complete) or Marble (I don't even know if it's decidable) lately.

I've also been playing RPGs. I played Wild Arms (ok) and Chrono Cross (good) over Christmas break. I tried Vagrant Story but didn't like it. Now I'm playing Xenogears. I like it so far, but it's very easy to get lost in 3D areas such as cities and forests. I will probably play Final Fantasy 9 next.

All of the RPGs are for the Playstation, so I've been them using an emulator called epsxe along with Pete Bernert's graphics plugins, some of which are open source. Playing games using an emulator has several advantages over using a console system: I can change the game's speed on the fly, save or load at any time, and play at the same time as my brother. It also has several disadvantages: I have to tweak the emulator settings for each game to keep it from freezing, and I have to choose between pirating the games and Playstation BIOS (illegal) or buying a Playstation and the games and then downloading them anyway (ridiculous).

Anime

Cal Animage Beta has been showing one episode a week of Midori no Hibi, Bleach, Samurai Champloo, Kyou Kara Maou, Phantom Memory Kurau, and Tactics. Midori no Hibi is my favorite of these series.

Movies

I loved Kinsey. My favorite scene was the one with the lesbian woman (not a sex scene). The religious right's response to the movie made it even better (more Kinsey-related links). I liked The Incredibles and Garden State. I didn't like Team America, and I found Mean Creek confusing.

Keepers of Lists

I contributed high-scoring items to Signs You Are Not Drunk Enough, Reasons To Move To Canada, and Signs You Should Stop Writing Items For Keepers. I contributed more items to Signs You May Be A Terrorist than the person who started the list. Over half of my items have been getting getting positive scores recently, which is a welcome change. I submitted five new lists, which will be accepted or rejected for publication over the next few months.

Existing personal projects

Pornzilla and Thumbs have been getting a lot of hits, even though I have not put much effort into them lately. The top five search phrases that bring people to squarefree.com are "porn" (150/day), "pornzilla", "thumbs", "best porn", and "free porn". (The next two are not porn-related: "bookmarklets" (25/day) and "burning edge".) I've only been updating The Burning Edge once a week, in part because the Firefox trunk isn't very exciting right now.

I'm way behind with incorporating feedback and submissions for bookmarklets and Thumbs.

Posted on January 17, 2005 at 07:21 AM in Games, Humor, Me, Music, UCSD | Comments (3) | TrackBack (0)

Coming soon to squarefree.com

I have trouble completing personal projects that take longer than a weekend. I often lose interest after doing the interesting parts and procrastinate indefinitely on completing the projects since they have no deadline. In August 2004, I set a goal compatible with my attention span: "start and finish one interesting project every weekend". This goal helped me write a bunch of Firefox extensions and one or two Firefox patches, but of course it didn't help me finish longer projects. Now I have several half-finished longer-than-a-weekend projects piled up.

I'm hoping that this "coming soon" post will make me finish at least some of these projects soon. Also, you can tell me which projects you want me to finish first.

  • A novel attack against something that was proven secure using a what I think is a poor definition of security.
  • A proof that a popular puzzle is NP-complete.
  • A list of some of Firefox's weaknesses, design elements that can lead to security holes.
  • Security tips for Firefox users (current version). Since this document is already 7 printed pages long without screenshots, it may be more effective at pointing out critical user interface flaws in Firefox and Windows than at educating users.
  • Security tips for web application developers (current version).
  • Security tips for Firefox developers and extension developers (current version).
Posted on January 17, 2005 at 07:05 AM in Mozilla, Research, Security | Comments (6) | TrackBack (1)

Google expands some acronym searches

A search for np tree turns up a lot of hits for Joshua Tree National Park, with the phrase "National Park" bolded in page titles and snippets. This doesn't work for all searches involving the term np -- for example, it doesn't work for a search for np by itself. How new is this feature? What other acronyms does Google expand?

Posted on January 17, 2005 at 06:46 AM in Google | Comments (4) | TrackBack (0)

Text editors

In college, I knew some people with strong opinions about text editors.

Erika: gvim is one of the two true text editors.
Gabe: The other being vim?

Professor O'Neill defines mode error for the User Interface Design class and gives some examples.
Student: So when I'm using vim, and I forget to press 'i' before typing text, that's a mode error?
O'Neill: Yes. Using vim is a mode error.

I use Win32Pad for most editing. It's faster than Notepad, supports most of the keyboard shortcuts I'm used to (Ctrl+Left, Ctrl+Shift+Right, clipboard operations, etc.), and includes a few of the features I think every text editor should have, such as block indent, auto-indent, and clickable URLs. It's missing a few features I'd like, such as preventing me from opening two instances with the same file. It also doesn't support Unicode well, so I have to use Notepad for web pages that contain both Polish and French text.

Posted on January 17, 2005 at 12:55 AM in User Interfaces | Comments (10) | TrackBack (0)

Signs you might be a terrorist

I wrote two thirds of the items on Top 21 Signs You May Be A Terrorist, today's list on Keepers of Lists.

Posted on January 16, 2005 at 05:15 AM in Humor | Comments (0) | TrackBack (0)

Tsunami survivor

I ate dinner with a student from my crypto class named Ishani. As we were walking toward the food court, she told me that she is from Sri Lanka and survived the tsunami by holding onto a tree.

Posted on January 13, 2005 at 06:19 AM in UCSD | Comments (2) | TrackBack (0)

New JavaScript cryptogram helper

The first homework problem in my crpytography class was to break a cryptogram. After looking at the other cryptogram helpers on the web, I created the JavaScript Cryptogram Helper. It lets you paste cryptograms, highlights all instances of the selected letter in blue, and shows a table with letter frequencies to facilitate frequency analysis. The UI was inspired by Teppo Pihlajamäki's Flash cryptogram game.

Posted on January 13, 2005 at 04:55 AM in Cryptography | Comments (1) | TrackBack (0)

Internet Explorer drops support for bookmarklets?

Internet Explorer no longer lets me drag bookmarklets. When did that change? I can drag http: links, but not javascript: links.

(Internet Explorer's support for bookmarklets has declined steadily since IE 5.5. IE 5.5 supported 2083-character bookmarklets. IE 6.0 only supported 508-character bookmarklets. IE 6.0 in XP SP2 only supported 508-character bookmarklets and counted spaces as several characters.)

Posted on January 12, 2005 at 08:26 PM in Bookmarklets | Comments (10) | TrackBack (0)

Make butter, not guns!

I saw a UCSD student wearing a "Make cows, not war!" shirt from Cowparade Prague. It made me think of the phrase "guns and butter" from economics.

Posted on January 11, 2005 at 03:02 PM in Politics | Comments (0) | TrackBack (0)

--eBay

After I bought a textbook from eBay's half.com, half.com offered me $10 off my next purchase. The fine print said that if I accepted the $10 off, Reservation Rewards would then charge my card for $9 a month indefinitely.

eBay, which invests heavily in helping legitimate buyers and sellers trust each other, is now directly associating itself with and promoting a scam.

Posted on January 09, 2005 at 05:38 PM in Reputation | Comments (2) | TrackBack (1)