Back from my blog Vacation…




July 13th, 2006


OK so I didn’t actually go anywhere.  Just didn’t feel like blogging.  But just because I didn’t feel like blogging, didn’t mean I wasn’t thinking about blogging, just that the words never made the conversion from brain to keyboard. 

So what have I been doing?  I built a new PC, which I’m very pleased with.  Well I love the performance I’m not overly in love with the case.  It comes with a smart door on the front to hide up the drives and the on switch etc, but I’m not overly big on appearances, so I whipped the door off so that I could get to the DVD drive easier and the combined card reader, temperature & fan monitor, USB & firewire port that I installed.

It’s been good to be goofing off for a few weeks while I installed everything as well as putting the system through some hard-core Oblivion benchmarking!  

Kathie
(currently leading a couple of video and digital photography classes over at CNET )



Browster thoughts



June 3rd, 2006


Browster is an interesting little plugin for both Internet Explorer and Firefox that I came across today via Roland Piquepaille at ZDNet. Browster is free to download and easy to install, which is always a bonus.

But, while it is very handy (particulary with blogging in mind) to be able to see the entire content of a link without moving to that page, I do have my concerns specifically in regard to Browster's prefetch function.

For example if you're searching for a term that has an alternate meaning, Browster is by default set to prefetch all those pages turned up in the search results. Let's face it we've all at one time or other searched for a word or phrase then thought better of it once we saw some of the unsavoury search results that were returned! In that circumstance I don't like the thought of the targets of those links being downloaded to my hard disk.

Legally that's another issue again. Theoretically, prefetching those pages (caching them to your hard disk) would be a criminal act and could land you in a heap of trouble. I seriously doubt the law would make the distinction between pages that were automatically prefetched by the software and something which was deliberately and consciously downloaded.

Think I'll be turning off the prefetch option!

    Updated to add...

Google Adsense and Browster
If you run Google Adsense on a website you will probably be aware that you mustn't click on your own ads. Doing so violates Google's terms and conditions, and Google can and will track you down! When I click save on this WordPress post my browser will refresh to the front page of my site where my Adsense appears. Browster will prefetch all the links on that page, hence my predicament. On the upside Browster doesn't seem to be displaying the little icon above the link that indicates that I can view the entire page by hovering over it when I hover over the Google links, but I still can't be sure that the pages haven't been prefetched. Need more info!

(There is a partial answer to the question of ads on Browster's forum suggesting that possibly ads are blocked 'by design', but again this needs more clarification as they may be referring to whether or not the plugin is designed to deliver pop up style ads to the user, rather than whether ad blocks such as Adsense are excluded from the hover to view function.)

As Blarney rightly pointed out yes my Google ads are being prefetched, so this is more serious than I thought. Not just due to the issue of prefetching (which can be turned off), but also because it can be difficult enough at times not to accidentally click on my own Google ads, it'll be even harder still not to accidentally hover over them ... thus opening out the Browster window and racking up a click-through.

For me, I think it's time to uninstall Browster ... shame because I do think it's rather cool. But it represents too much danger because of:

  • the issues of unintended unsavoury content being downloaded,
  • the possibility as Adrian pointed out of opening sites which have active content that could be malicious
  • the risk of getting kicked off Adsense for 'clicking' my own links via prefetch or by accidentally hovering over Google ads

.



How to tell the difference between Web 1.0 and Web 2.0



June 2nd, 2006


This is so true!



WordPress 2.0.3



June 2nd, 2006


The WordPress team have released an updated version of the WordPress blog platform.  WordPress 2.0.3 includes the following updates:

  • Small performance enhancements
  • Movable Type / Typepad importer fix
  • Enclosure (podcasting) fix
  • The aforementioned security enhancements (nonces)

Upgrading should be a pain-free process of overwriting files and running a database upgrade when accessing the admin panel.



Adrian’s got a new blog over on ZDNet



June 1st, 2006


Exciting news today. Starting today Adrian will be talking about Hardware in his new blog over on ZDNet. No he's not abandoning PC Doc; the two sites will complement each other very well, I think.

Go for it Adi!



Click to run an ActiveX control on this webpage



May 31st, 2006


It seems to me that Microsoft is always very good at covering their own backs but not so good when it comes to protecting the user.  How many times do you see a Windows Genuine Advantage update come in that's out of step with Windows Updates (even when there's a serious vulnerability about)?  Quite often, I find.

I feel the same way about the changes that Microsoft made to Internet Explorer is response to the patent dispute between themselves and Eolas Technologies which basically meant that you have to click to run certain kinds of ActiveX.

Click to run an ActiveX control on this webpage

I have a question though - since Microsoft decided that pestering the user with a dialog box was a good way to go in this case, why not add a second option to the dialog box - a Cancel option.  That way users would get the option whether or not to run the ActiveX control.  It might make people think a bit more about security issues surrounding ActiveX.

Additionally, as far as most users were concerned, Microsoft introduced this change silently.  One day users just start seeing this box appear.  Think usability!  How about some help people?  We're already telling people to be on the lookout for suspect dialog boxes and you introduce one without making it clear what it's about.  Sloppy.

Read more ...



WordPress PHP code injection vulnerability



May 26th, 2006


Secunia is reporting that a vulnerability is present in [tag]WordPress [/tag]2.x which could allow hackers to gain remote access.

This vulnerability has been confirmed in WordPress 2.0.2 and may affect other versions (but not pre-2.0 versions since this doesn't use cache files).

The current recommendation is that access is restricted to the following directories:

  • wp-content/cache/userlogins/
  • wp-content/cache/users/


“Drupal emails gone astray”



May 17th, 2006


"My Drupal password emails are considered spam by my spamfilter so I found them in the spam folder. Why is this?"

Your Drupal installation isn't set up correctly to send email, so, because important information is missing from the header of the email, your filter is regarding them as spam. In Drupal go to administration, click settings, general settings and type in an email address that the installation can use to send email from. This should fix the problem.

However, doing the above will probably generate the following error: "The directory files does not exist." Create a directory in your drupal root called "files". Set CHMOD to 777 on this folder.



Viewing Style Info with Web Developer Extension



May 12th, 2006


I noticed today that the ‘View Style Info’ from the Web Developer Extension in Firefox had stopped working.

I could hover over an element within a web page and it would reveal the markup in the status bar as usual but when I clicked it didn't deliver the style info about that element. I think this is one of the best features of the [tag]Web[/tag] Developer Extension (but then it's hard to choose as there are so many!) and it's certainly one that I use most, so losing it was disheartening.

I spent an anxious few minutes searching the web for souls with similar afflictions, all the while wondering if somehow ... Bill Gates had driven a truckload of Chris Pederick's door to tempt him to remove this most valued functionality (and ..gasp..Internet Explorer beta toolbar? The one that constantly crashes IE if I install it.  No! He'd never be tempted to the dark side!!).

Anyway sense and search prevailed and I found the answer here. Apparently when I installed the latest [tag]Firefox[/tag] a few days ago I only did a standard install which doesn’t install Developer Tools and hence the DOM inspector wasn't available.  Note to self: always do a custom install next time!

Thanks Chris!  I’m a happy bunny again …



WordPress & Microsoft Fingerprint Reader



May 11th, 2006


By default, users of Microsoft’s Fingerprint Reader are frustrated whenever they try to login to WordPress sites.  This is because the software refuses to recognize the WordPress logon screen as a something you can input a password into. 

 

The fix is thankfully a very simple edit to the css file that handles the login screen. (/wp-admin/wp-admin.css)

#login #log, #pwd {
 font-size: 1.7em;
 width: 80%;
}

If you edit the font-size to be 1.2em or less the [tag]Fingerprint[/tag] Reader will recognize the field as a logon and store your password for you!

(This works for [tag]Wordpress[/tag] 2 or higher. For previous versions edit the embedded style rule in the file wp-login.php).

As an aside, I'm keeping my eye on the FingerFox Extension which enables you to use the Fingerprint Reader with the Firefox browser. I'm not quite ready to take the plunge with the app just yet ... Perhaps when it shows up in the Official list of Firefox Extensions?? Eagerly waiting!

Updated Oct-26-2006

Important note for Microsoft Fingerprint Reader users with Internet Explorer 7. Oct 26 2006
Internet Explorer 7 is now out of beta and will start to be delivered to Windows users via Automatic Updates shortly. As it stands at the moment there are some serious problems in conjunction with the Fingerprint Reader:

  • Existing passwords to websites (accessed via IE6) no longer work.
  • Adding new passwords works but it is very slow and quirky.

We would recommend that before you install IE7 or run Windows update that you make certain that you have an alternate record of your passwords, for example stored in Password Safe (download free from Sourceforge).



%d bloggers like this: