How hosting foreign files risks your users’ security

I found this interesting post about a security hole in Google Code. It’s quite complex, though the post is written very well, so you’ll be able to get the point easily.

The basic idea is that, thanks to some tricks, you can get a Java file that’s uploaded to Google Code to start from everywhere and have access to the whole Google domain. So if you’re a Google user and you are logged in, this Java applet is logged in as well.

Google was able to disable this unwanted functionality, but I’m pretty sure that if you search for other websites with those problems you’ll find em out there.


Gooogle missed this one

Google (yes, two o’s) seems to be quite interested in misspelled Google-domains.

If you use www.gogle.com or www.goggle.com or www.gooogle.com, they all go back to Big Brother himself.

The same seems to be valid for Germany. There is www.gogle.de and www.goggle.de, but then there is this nice www.gooogle.de. It’s not owned by Google, but for whatever strange reason there is no content either. By just putting a link to Google and some ads on that one you should be able to make some money without any effort. And for some reason Google doesn’t bother, otherwise they could’ve sued them and would own that domain by now.

Yeah, it is easy to get a domain by law if you’re big; here’s an interesting article about Names not being worth anything anymore.


One Scripting Language to rule them all

Obviously that’s Perl. Or, more precisely, that will be Perl 6.

Yeah right, you might think. That Scripting Language that has a release date like Duke Nukem Forever. It’s done when it’s done.

But seriously, here is an article that will enlighten you, written by Larry Wall himself.

Now this article is really cool and absolutely unbiased. 😉

But honestly, Larry writes about more programming languages than you can name. Different aspects of all programming languages are also covered. It’s long, but it’s a must-read!


Microsoft sells Linux Support to Renault

No, that’s not a joke! See the news on the Microsoft page!

I knew that Novell had some deals with Microsoft, and that the FSF didn’t like that at all. One more reason for the GPL3 as it should prevent this.

But I didn’t know that Microsoft is selling Linux Support. Well, it is a bit strange as Microsoft sold it to Renault but Novell will deliver the (SuSE) Distribution and the support, no work for Microsoft itself.

I do understand that Renault didn’t want to switch from their existing Linux to Windows, and that buying from Microsoft is always a good thing for not getting fired, even if everything goes wrong.

But what’s in this for Microsoft? Sure, they will get some money, but I doubt that they need that money. They had a record second quarter. Maybe Microsoft is already desperate enough to do this to keep companies like Renault at least as Desktop Windows clients.


Sky TV New Zealand Or how to treat possible customers. Not.

Lately I thought about getting Sky TV installed. The main reason why I wanted to do it now was that I moved house lately and that the satellite dish was already installed. I’m still not 100% sure how that works here in New Zealand as it seems that Sky installs those dishes for free but owns them therefore. I just know how it is in Germany with the local PayTV Premiere: it’s all your own business.


Transparent Proxy as Adblock using Tinyproxy and Dansguardian

As I mentioned in my last post about the migration from Gentoo to Kubuntu, I’ll write about how to set up iptables, Tinyproxy and Dansguardian as an Adblocker. That said, the setup might be better using Squid instead of Tinyproxy. Why not have a caching transparent proxy around? I don’t do that because I installed all of that on my Notebook and caching there wouldn’t make much sense as the applications cache anyway (per default).


Migration from lovely Gentoo to feisty Kubuntu

A few weeks ago I decided to migrate my Notebook from Gentoo to Kubuntu.

Now why would anyone want to do that? Well, as I use Kubuntu in the office I realized that it’s easier to handle for my partner Britta, with all those GUI settings and popups if you attach something (mp3 player, …) etc.


Why WordPress? Why wordpress.com?

So why the heck did I choose WordPress, this buggy, always security-holed piece of code?

Well, one point is that I use(d) WordPress at work; the non-public blogs we have are WordPress blogs. Even the site itself is using WordPress. I think that’s a bit too much, I wouldn’t do that but who cares… 😉

Second, I am in the lucky position that I do some development on our SEO title tag plugin. Thanks to an ex-workmate I am now the only person who ever worked on this plugin… Well, therefore I’m mentioned there…

And then there is the main point: WordPress is indeed easy to use as long as you are not responsible for the security and maintenance. That’s the reason why I use wordpress.com, these guys have to do that. So I’m outsourcing without paying for it, sounds like a good idea… 😉

There come some not so nice things with using wordpress.com: you can’t use plugins and you cannot modify the layout (there are quite a lot of themes to choose from). Well, you can pay for being able to change the CSS file, but that would somehow ruin the whole point.

So don’t get me wrong, I’m not a big fan of WordPress (as I’m not of PHP) but I can work with it…


Google, Googlebot and the robots.txt

Today I talked with a workmate about Google’s and Yahoo’s different behaviour according to the robots.txt. It seems that when Yahoo’s Inktomi starts to crawl from a datacenter it first gets the robots.txt. Google seems to have this data available in all datacenters and bases its refetching probably on time or maybe new URLs? This is pure guessing of course.
