Archive for March, 2009

Weekly Digest, 3-29-09

Posted by Weekly Digest in Weekly Digest on March 29, 2009

Trevor's Links

Ron Carmel explains 2D Boy by the numbers

2D Boy's Ron Carmel opened up this year's Independent Games Summit hoping to somewhat demystify the process of starting your own indie studio (which he summarized with the following three steps: "save money, quit your job, and make a game"), and in doing so divulged their own by-the-numbers breakdown of how their goo-built world was formed.

Tuning the Toad

As we wrote just over two weeks ago, Hoptoad was having a hard time keeping up performance when certain websites were submitting thousands of errors at the same time. Fixing this became our highest priority and, as I promised then, we will outline the changes we made that have helped us to be able to weather the error storm.

Most Time Management Is Rubbish. Here Are Ten Things That Work for Me.

Over the last few years, I’ve read a ton of time management books and tried out literally hundreds of systems and standalone ideas for maximizing the effectiveness of my time, particularly in terms of my work.

Now is a Great Time to Be a Media Maker

The distance we’ve come in the decade and a half since I was driving newspapers over highway 17 in a VW Bug is astonishing. I look at the tools available to media makers today and can hardly imagine a more ideal environment. So why is it that all we hear about the media industry is doom?

TwitterAuth: For Near-Instant Twitter Apps

The public beta of Twitter OAuth support has been released and I’m excited to introduce a new library that I’ve been working on called TwitterAuth. TwitterAuth is a Rails plugin that provides a full external authentication stack for Rails applications utilizing Twitter. Think of it as “Twitter Connect” for Rails, letting you create an application that may be logged into using only Twitter credentials.

How to handle exception while developing api in ruby on rails

If the request was made for an html page then rails will handle the exception and will show the appropriate error page depending on if you are running in development or production mode. However for .xml there is an issue. If it is an API request then, in the case of an error, you still need to send an xml response with the error message. Question is how to handle exception in a generic way.

The Three20 Project

Last week I released my first iPhone open source project, Facebook Connect for iPhone, and today I'm ready to start talking about the next one. Five months ago I talked about open-sourcing as much of the Facebook iPhone app as I could, and as you can see by the delay, that has turned out to be easier said than done.

Why Facebook has never listened and why it definitely won’t start now

Let’s say you’re walking down University Ave. in Palo Alto, California in a couple of years (or, really, any street in the world) and you’re hungry. You pull out your iPhone or Palm Pre or Android or Blackberry or Windows Mobile doohickey and click open the Facebook application. Then you type “sushi near me.” It answers back “within walking distance are two sushi restaurants that more than 20 of your friends have liked.”

Why Small Payments Won’t Save Publishers

Meanwhile, back in the real world, the media business is being turned upside down by our new freedoms and our new roles. We’re not just readers anymore, or listeners or viewers. We’re not customers and we’re certainly not consumers. We’re users. We don’t consume content, we use it, and mostly what we use it for is to support our conversations with one another, because we’re media outlets now too. When I am talking about some event that just happened, whether it’s an earthquake or a basketball game, whether the conversation is in email or Facebook or Twitter, I want to link to what I’m talking about, and I want my friends to be able to read it easily, and to share it with their friends.

Ruby’s Biggest Challenge for 2009

When new developers come to the Ruby world, let’s greet them with Ruby 1.9.x. In the long term, doing so will improve our growth as a community more than any marketing effort ever could (and the two efforts are not mutually exclusive either). Ultimately, Ruby’s biggest challenge may just be our greatest opportunity to improve.

Newspapers and Thinking the Unthinkable

With the old economics destroyed, organizational forms perfected for industrial production have to be replaced with structures optimized for digital data. It makes increasingly less sense even to talk about a publishing industry, because the core problem publishing solves — the incredible difficulty, complexity, and expense of making something available to the public — has stopped being a problem.

Timothy's Links

T-Mobile "My Account" App

This is another of those "it should have come out with the launch of the phone, but what the hey--now that it's out, all's forgiven" kind of apps. Basically, it's your complete T-Mobile account data in application form. Very Apple-like.

The politics of the command line

Pass this along to friends and family who need a primer in F/OSS, GNU, etc. Tell them that taking 10 minutes to read it carefully is easier than watching an hour long Stallman documentary. For a number of reasons.

Fox News Pictographic Synopsis

Normally I try not to think or care about infotainment--I just sort of hope Jon Stewart and Bill O'Reilly will cancel each other out and the whole phenomenon will un-happen--but this is too good a compilation of Fox News screencaps to leave it un-bookmarked.

Teleportation, the last battle, and the Creator talks: How the world ends inside an online game

This is a fun blurb from CT on "eschatology as a design challenge" that, unlike good sci-fi, suggests an interesting idea, hangs just enough metal on it to make it run and then walks away from it without beating it to death.

Op-Ed Contributor - Dear A.I.G., I Quit! - NYTimes.com

lolcano. Nice try, PR guys, but if a heartfelt resignation letter full of dubious logic, apple pie cliches and evasive non-facts is the best you can do by way of laying out a decoy and deploying chaff, then you have, once again, failed utterly to succeed.

Election Fraud in Kentucky

Normally I wouldn't bookmark a Schneier post, but this one is kind of special. Using clips from other articles, he basically makes the point (in a very reductive, minimalist, Bonsai-gardener kind of way) that the security "industry" is 90% sales, 5% hype and 5% actual security solutions: there's a lot of talk about the implications of this, the vetting of that and what it boils down to is the fact that the entire commercial edifice is just an elaborate front end for one poorly designed user interface.

Core Duo Vista Powered Super Famicom

I'm pretty sure that this is a modern computer inside a Super Famicom case. Which, I'm also pretty sure, makes it the coolest case mod I've seen in a long, long time.

Hitachi Settles Price-Fixing Case for $31 Million

In case you didn't know, Korea's LG, China's Chunghwa and Japan's Sharp constitute something of a cartel. Not unlike the old-timey RAM cartel, these Mega Corps work as a sort of monopoly of convenience, setting (i.e. fixing) prices on LCD's in everything from phones to monitors in order to maintain a balance between profitability and existential security (too much freedom in the marketplace, while potentially good for consumers, isn't in the best interest of government-subsidized Mega Corps whose business models depend on anti-competitive legislation in order to maintain profitability). Add Hitachi to the list.

gcalcron

This is a fun kind of "get your toes wet with linux" type of project that you could suggest to your "I want to learn about linux, but I'm not ready to junk my MacBook just yet" friends. The gist is that you "install" this cat's .py script on your remote machine and this script acts as an interface between the box and a Google calendar you set up. You enter bash commands into the calendar entries and it uses the times you set with the gCal interface to tell cron when to pop them off. What it lacks in simplicity (by being an incredibly convoluted "work around" for spending 10 minutes with the cron man page) it makes up for in colorful, user-friendliness.

Randomize Filename in Paperclip

Posted by Trevor in Ruby/Rails on March 22, 2009

Here's a quick tip that Jonathan Yurek, author of Paperclip, was kind enough to help me with. It's a simple way to have a randomized filename for uploaded content. This is useful for security through obscurity, especially when used with Paperclip's id_partition interpolation helper:

 
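class Photo < Asset

  # :id_partition splits the record id into three-digit directories (1204 -> 000/001/204)
  has_attached_file :image, :path => ":class/:attachment/:id_partition/:basename_:style.:extension"

  # Replace the uploader-supplied name before the record is first saved
  before_create :randomize_file_name

private

  # Keep only the lower-cased extension; the basename becomes 32 random hex characters.
  # ActiveSupport::SecureRandom is the Rails 2.x name; later Rails versions use Ruby's own SecureRandom.
  def randomize_file_name
    extension = File.extname(image_file_name).downcase
    self.image.instance_write(:file_name, "#{ActiveSupport::SecureRandom.hex(16)}#{extension}")
  end

end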
 

That would, for example, change an uploaded image named "DS_100.JPG" into:

http://example.com/photos/images/000/001/204/e15f64f5e7gjdo3e4ae58f4ed9j925f5.jpg

That makes it effectively impossible to guess the location of an image, provided that you don't allow people to browse around the directories on your server. This is the same method of privacy protection that Flickr uses, and it ought to be enough for most non-governmental privacy needs :)
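The same renaming logic outside Rails, as an added example (not code from the original post or from Paperclip): it also refuses extensions that are not on an allow-list, since the extension is the one part of the uploaded name the callback keeps. ALLOWED_EXTENSIONS, randomized_file_name, id_partition and storage_path are names made up for this example.

```ruby
require 'securerandom'

# Extensions the application is willing to store (assumed list for this example).
ALLOWED_EXTENSIONS = %w[.jpg .jpeg .png .gif].freeze

# Mirrors the post's before_create callback: the uploader's basename is thrown
# away, only the lower-cased extension survives, and anything not on the
# allow-list (including "no extension") is rejected.
def randomized_file_name(original_name, allowed = ALLOWED_EXTENSIONS)
  extension = File.extname(File.basename(original_name.to_s)).downcase
  unless allowed.include?(extension)
    raise ArgumentError, "extension #{extension.inspect} is not allowed"
  end
  # 16 bytes from the OS CSPRNG, hex-encoded: 32 characters, 128 bits.
  "#{SecureRandom.hex(16)}#{extension}"
end

# Same layout as the :id_partition interpolation for ids of up to nine digits:
# zero-pad to nine digits and split into groups of three.
def id_partition(id)
  format('%09d', Integer(id)).scan(/\d{3}/).join('/')
end

# Follows the :path pattern from the post:
# ":class/:attachment/:id_partition/:basename_:style.:extension"
def storage_path(klass, attachment, id, file_name, style = 'original')
  ext  = File.extname(file_name)
  base = File.basename(file_name, ext)
  "#{klass}/#{attachment}/#{id_partition(id)}/#{base}_#{style}#{ext}"
end

if __FILE__ == $PROGRAM_NAME
  name = randomized_file_name('DS_100.JPG')
  puts storage_path('photos', 'images', 1204, name)
  begin
    randomized_file_name('holiday.jpg.php')
  rescue ArgumentError => e
    puts "rejected: #{e.message}"
  end
end
```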

Weekly Digest, 3-22-09

Posted by Weekly Digest in Weekly Digest on March 22, 2009

Trevor's Links

Twitter OAuth Ruby Example

This is the first of what I hope to be several examples of using OAuth as a developer. Our OAuth server implementation is in open beta and I want to show an example of how to use it. As the implementation is still in beta, feedback is appreciated as you begin your integration. If all goes well I'll post on using OAuth from other languages in the future.

The Great Rails Refactor

Yehuda Katz at Confreaks: MountainWest RubyConf 2009.

Google Reader hacks

I've come up with a system that seems to work for me on OS X, at least for extensive testing purposes...

smartly save stashes in git

I seem to be using stashing more and more, and I’ve found that seeing the stash list output looking like this isn’t very helpful...

3 Simple Guidelines for Contributing

I promise you that if you do these three things each time you contribute to a project, your changes will not only get pulled in faster, but you will become a more rounded and skilled programmer.

Timothy's Links

I left a linux machine online with ssh open for a day. It dropped incoming login attempts after the username. These are the usernames tried. : reddit.com

I know it's kind of weirdly meta and redundant to bookmark a reddit, but this one has a list of names that might be useful in creating a security policy for linux user names on Internet-facing boxes.

NSLU2 Debian Lenny Upgrade - solving the possible network problem

I'm bookmarking this because it taught me something I managed to not learn in spite of having had a slug on my home network for over a year now. To wit: if you bork your network setup, reboot your slug and find that you can no longer dial in with SSH, simply power it down, pull the USB drive you're using as /, slot it up in another machine and edit your slug's conf files in your favorite editor. Nice.

Weekly Digest, 3-15-09

Posted by Weekly Digest in Weekly Digest on March 15, 2009

Trevor's Links

timocratic's test_benchmark

Rails plugin (and/or ruby gem) for benchmarking your test::units. [This has to be one of the best gems I've come across in a while. A+++]

Slow tests are a bug

Most Rails projects I’ve worked on have ended up at around 3,000-15,000 lines of code, with roughly as many lines of test code, and most have test suites that take a minute or more to run. Our test suite for Tumblon, for instance, churns along for 2.5 minutes. This is too slow. And slow tests are a problem for at least two reasons: they slow down your development and decrease code quality. [Note the awesome plugin linked in the comments!]

Sinatra block parameters

The latest master Sinatra now supports optional block parameters. It captures any parameters in the URL and passes them into the block that defines the action.

When Overusing self Turns Into self.pity

Wow, so simple. Much easier on the eyes, and the intention is clear right from the start. My rule is simple: When assigning to an instance variable, use self, calling a method on the other hand should stand all by itself. Now, you could argue, that assigning to an instance variable using its accessor is also a method call, but if you really want to argue about that, you should really read this blog entry again.

Temporarily disable ActiveRecord callbacks

I was recently working on a client project and I had to create a rake task to import a large set of data from a spreadsheet. One of the models that was being imported had an after_save callback that sent out an email notification. I didn't really want 3500 emails to be sent out whenever this rake task was run, so I needed to disable the callback while the import task was running.

Readability

Reading anything on the Internet has become a full-on nightmare. As media outlets attempt to eke out as much advertising revenue as possible, we're left trying to put blinders on to mask away all the insanity that surrounds the content we're trying to read.

state_machine

After 2 1/2 years... I’m finally officially announcing a project I’ve been quietly working on: state_machine... This is a project which has undergone many rounds of rewrites, but which has finally met its goal, in my opinion, to become the easiest, sexiest, yet most powerful state machine library for the Ruby language.

The size of social networks - Primates on Facebook

Several years ago an anthropologist concluded that the cognitive power of the brain limits the size of the social network that an individual of any given species can develop. Extrapolating from the brain sizes and social networks of apes, Dr Dunbar suggested that the size of the human brain allows stable networks of about 148. Rounded to 150, this has become famous as “the Dunbar number”.

The 5 P's of Twitter's runaway success

Actually, I think we enjoy claiming we can’t describe what Twitter is, yet a closer inspection of it yields not only a better understanding of it but also why it’s become so prevalent in the media lately. And when that kind of inspection occurs, it’s not surprising to the inspector why Twitter is where it’s at today.

Twitter = YouTube

YouTube now gets more searches than Yahoo, Google's closest search rival. YouTube was the single fastest growing new form of search on the Web, and Google pretty much outflanked (and outspent) everyone to buy it. Not to get into video monetization, per se, but to harvest and control the most important emerging form of search. In short, Google could not afford to NOT own YouTube.

Timothy's Links

Monsanto is Putting Normal Seeds Out of Reach

This week's "Rage at the Mega Corps like Lear on the Heath" post is about Agricultural Goliath, Monsanto. Monsanto, a Mega Corp whose operational expenses are almost fully subsidized by our federal government here in the States, has gained much notoriety for sabotaging independent farming operations and, more importantly, running anyone who doesn't farm their brand of genetically modified corn out of business by installing puppet legislators in important positions or simply using its powerful lobby to write its own legislation and have dupes (like Illinois' own Michael Madigan) push it through.

contxts - mobile sms business cards

This is my gadget/widget par excellence du jour: basically, you give their database your basic contact info and then, if anyone SMSes your username to 50500, they get your contact info back. Nifty.

High Performance Web Sites

This is a good checklist to run through whether you're working up a framework from scratch and need to keep optimization principles on a front burner or whipping up a quick, stop-gap kind of app that needs to work lickety-split with a minimum of fuss.

7 Badass Cartoon Villains Who Lost to Retarded Heroes

What else can you say about cracked.com? They're on focus, on message and on point.

Secure deletion: a single overwrite will do it

This article has some simple stats that supposedly debunk the urban legend that you've got to write zeroes (or whatever) over the whole disc to securely delete a HDD. It doesn't so much debunk, however, as it makes a point not unlike PGP's point: the obscurity provided by a single over-write is /pretty good/, but not perfect. Your best bet is still the Gauss rifle...I mean degausser.

Wildwood Survival - Fire Basics

The original survival skill is, of course, making fire. You can never know too many different ways to a.) start or b.) build a fire: file this under "urban, suburban and rural survival tips"

24 Samsung SSDs get strung together for supercomputer fun

This is an article with still pictures (instead of moving ones) that outlines the viral video sweeping the Interwebs in which a plucky admin wires 24 flash drives into a single, desktop-size case.

10 common mistakes using robots.txt

This is totally rudimentary--it's written more for the copyeditor/SEO enthusiast in your shop, not for the cowboy/console man--but it's a good reminder of syntax for ye olde robots.txt file. Remember: there's no notification if your robots.txt file doesn't parse right...except for deprecated levels of your site showing up in Google.

Mdadm Cheat Sheet | MDLog:/sysadmin

This will be utterly useless to anyone who isn't experimenting with software RAID on 2.26 kernels. For those of you who are just getting your feet wet with mdadm (e.g. YT), this crib-sheet is a nice resource. That might just point out some things you would otherwise have to plumb the dreaded man page for.

Nick and the Button

Posted by Trevor in General on March 12, 2009

Nick explains CLICK.

I helped out with the clicking backend for the site. It's a disgusting mess of PHP and MySQL, or else I'd share the code... :P

It's amazing to think that this thing has just under 3 million clicks!

We've caught a few people cheating, and sparked some debate on Hacker News. Still, it looks like a lot of people really love to click the stupid thing. There's just something about it...

Nick has been doing some awesome screencasts about productivity and some other stuff... You should go check them out if you're into GTD or Merlin Mann.

After you watch the video - GO CLICK THAT BUTTON!

Speeding up Paperclip Tests by… a LOT

Posted by Trevor in Ruby/Rails on March 12, 2009

Here's a quick little trick that I used to speed up my tests involving Paperclip by about 70%.

I posted it over on the Paperclip Google Group, which is a friendly and active place to hang out if you're a Paperclip user.

Here's an example using Test::Unit, which is still my favorite way to test :)

 
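require 'test_helper'

class PhotoTest < ActiveSupport::TestCase
  setup do
    # any_instance/stubs come from Mocha
    # Skip writing and deleting attachment files on disk
    Photo.any_instance.stubs(:save_attached_files).returns(true)
    Photo.any_instance.stubs(:delete_attached_files).returns(true)
    # Skip post-processing of the attachment, the slow part
    Paperclip::Attachment.any_instance.stubs(:post_process).returns(true)
  end

  # tests...
end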
 

The really important bit is stubbing out the post_process method. That took my unit tests down from 51.77 to 15.14 seconds. That's a HUGE win, especially if you consider slow tests to be a bug.

I'm not sure what kind of impact this has on test coverage, so you may want to consider not stubbing out the Paperclip internals in every case. I've got some separate "remote" tests that I run before deployments that make me feel warm and fuzzy enough. Let me know what you think about it. I've had really good results so far!

TLS_PROTOCOL, “SSL3_GET_RECORD:wrong version number” and how to troubleshoot a borked Courier IMAP SSL setup.

Posted by Timothy O'Connell in General on March 10, 2009

I was recently doing some server hardening on the computer that serves my email when, upon attempting to check my admin account, I got the following completely unhelpful, vanilla "encryption protocol" error from Thunderbird:

Thunderbird can't connect securely to because the site uses a security protocol which isn't enabled.

So, naturally, I whipped out T-bird's about:config, grepped the list for "ssl" and made sure that most of the contemporary ciphers were enabled (i.e. set to true). And once I was satisfied that things were on the up and up with my client, I decided to go have a look at the server.

Tailing mail.log, I noted this sort of thing happening over and over:

Mar 10 13:06:31 lana postfix/postfix-script[18701]: starting the Postfix mail system
Mar 10 13:06:31 lana postfix/master[18702]: daemon started -- version 2.5.5, configuration /etc/postfix
Mar 10 13:07:27 lana imapd-ssl: couriertls: connect: error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher

This message sort of blew my mind: I was essentially being told that my client, a Debian (Lenny) workstation running Thunderbird, shared no openssl ciphers with my email server, a Debian (Lenny) box out in the wild.

Not being the sort to ignore log warnings, I decided to verify. From the client:

gonzo:/# openssl ciphers
DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DES-CBC3-SHA:DES-CBC3-MD5:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:AES128-SHA:RC2-CBC-MD5:RC4-SHA:RC4-MD5:RC4-MD5:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DES-CBC-SHA:DES-CBC-MD5:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DES-CBC-SHA:EXP-RC2-CBC-MD5:EXP-RC2-CBC-MD5:EXP-RC4-MD5:EXP-RC4-MD5

A fairly robust list. From the server:

lana:/# openssl ciphers
DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DES-CBC3-SHA:DES-CBC3-MD5:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:AES128-SHA:RC2-CBC-MD5:RC4-SHA:RC4-MD5:RC4-MD5:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DES-CBC-SHA:DES-CBC-MD5:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DES-CBC-SHA:EXP-RC2-CBC-MD5:EXP-RC2-CBC-MD5:EXP-RC4-MD5:EXP-RC4-MD5

Same cot-damn list.

"So what gives?"

I Googled around a bit and learned about "s_client", an argument for the openssl tool that lets you debug an SSL exchange. I ran the following on my client:

gonzo:/# openssl s_client -connect mail.XXXXXXX.com:993 -ssl3

It showed me that the port was open, but that there were handshake problems:

26282:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1053:SSL alert number 40
26282:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:530:

From that cryptic output, I decided that it was time to dig into the SSL conf files over on the server.

After a little preliminary troubleshooting--a quick scan of /etc/postfix/main.cf and /etc/postfix/master.cf to check for obvious shenanigans--I decided to have a look at /etc/courier/imapd-ssl and found the source of my new SSL auth problem: I had, in my recent efforts to beef up security, managed to overwrite my previous /etc/courier/imapd-ssl with a vanilla version of that conf file that had a big 'ol she in front of the argument that determines exactly which ciphers the IMAP daemon will use to authenticate requests: TLS_PROTOCOL was commented completely out, as was TLS_STARTTLS_PROTOCOL.

I took a quick look at the surrounding comments in the conf file and set both of them to "SSL23":

TLS_PROTOCOL=SSL23
TLS_STARTTLS_PROTOCOL=SSL23

I then reloaded postfix, attempted to connect with my client and, to my dismay, saw this roll up in the mail.log:

Mar 10 13:55:34 lana imapd-ssl: couriertls: connect: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number

This message, while cryptic enough to send me off to scratch my head and pore over comments on OsDir and the Ubuntu fora, was one that I eventually figured out. It turns out that those two TLS protocol directives do not want to be identical.

So I changed the file thus:

TLS_STARTTLS_PROTOCOL=TLS1

And, once I had reloaded the IMAP daemon and postfix, voila: a clean log-in!

Mar 10 13:56:52 lana imapd-ssl: Connection, ip=[::ffff:XX.XXX.XXX.XXX]
Mar 10 13:56:52 lana imapd-ssl: LOGIN, user=admin, ip=[::ffff:XX.XXX.XXX.XXX], port=[42130], protocol=IMAP
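
The two checks the post ends up doing by hand, written as an added Ruby example (not code from the original post): it reports whether TLS_PROTOCOL and TLS_STARTTLS_PROTOCOL are active, commented out or missing in an imapd-ssl file, and pulls the couriertls error reasons out of mail.log. The config excerpt is constructed for the example, the log lines are the ones quoted above, and all function and constant names are this example's own.

```ruby
# Directives the post found commented out in /etc/courier/imapd-ssl.
TLS_DIRECTIVES = %w[TLS_PROTOCOL TLS_STARTTLS_PROTOCOL].freeze

# Matches KEY=value or #KEY=value, with optional double quotes around the value.
ASSIGNMENT = /\A(#*)\s*([A-Z0-9_]+)=("?)([^"\s]*)\3\z/

# couriertls error lines as they appear in mail.log.
COURIERTLS_ERROR =
  /imapd-ssl: couriertls: \w+: error:(\h{8}):SSL routines:(\w+):(.+)\z/

# What each reason coincided with in the post (not a general diagnosis).
POST_CONTEXT = {
  'no shared cipher'     => 'both TLS directives were commented out',
  'wrong version number' => 'both TLS directives were set to SSL23'
}.freeze

# Returns { directive => [state, value] }; state is :active, :commented_out
# or :missing. An uncommented assignment always wins over a commented one.
def audit_tls_directives(conf_text)
  result = TLS_DIRECTIVES.map { |name| [name, [:missing, nil]] }.to_h
  conf_text.each_line do |line|
    m = ASSIGNMENT.match(line.strip)
    next unless m && result.key?(m[2])
    if m[1].empty?
      result[m[2]] = [:active, m[4]]
    elsif result[m[2]][0] == :missing
      result[m[2]] = [:commented_out, m[4]]
    end
  end
  result
end

# Extracts OpenSSL error code, function and reason from couriertls log lines.
def couriertls_errors(log_text)
  log_text.each_line.map do |line|
    m = COURIERTLS_ERROR.match(line.chomp)
    next unless m
    { code: m[1], function: m[2], reason: m[3],
      seen_when: POST_CONTEXT.fetch(m[3], 'not covered in the post') }
  end.compact
end

# Constructed config excerpt reproducing the state the post describes.
SAMPLE_CONF = <<~'CONF'
  # constructed excerpt, not a real imapd-ssl file
  #TLS_PROTOCOL=SSL3
  #TLS_STARTTLS_PROTOCOL=TLS1
  TLS_CERTFILE=/etc/courier/imapd.pem
CONF

# Log lines quoted in the post.
SAMPLE_LOG = <<~'LOG'
  Mar 10 13:07:27 lana imapd-ssl: couriertls: connect: error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher
  Mar 10 13:55:34 lana imapd-ssl: couriertls: connect: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
  Mar 10 13:56:52 lana imapd-ssl: LOGIN, user=admin, ip=[::ffff:XX.XXX.XXX.XXX], port=[42130], protocol=IMAP
LOG

if __FILE__ == $PROGRAM_NAME
  audit_tls_directives(SAMPLE_CONF).each do |name, (state, value)|
    detail = value ? " (#{value})" : ''
    puts "#{name}: #{state}#{detail}"
  end
  couriertls_errors(SAMPLE_LOG).each do |e|
    puts "#{e[:code]} #{e[:function]}: #{e[:reason]} [post: #{e[:seen_when]}]"
  end
end
```

Running the audit as part of a hardening change would have flagged the overwritten file before the first failed login.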

Weekly Digest, 3-8-09

Posted by Weekly Digest in Weekly Digest on March 08, 2009

Trevor's Links

Letting things go

When you don’t have time for the things you really feel passionate about, look around yourself. What things are you hanging onto out of a false sense of obligation? Look beyond your assumptions, and you might be surprised at what can really go.

Rubular

Rubular is a Ruby-based regular expression editor. It's a handy way to test regular expressions as you write them. [A+++]

SoundManager 2

By wrapping and extending Flash 8's sound API, SoundManager 2 brings solid audio functionality to Javascript.

The 5 P's of Twitter's runaway success

Actually, I think we enjoy claiming we can’t describe what Twitter is, yet a closer inspection of it yields not only a better understanding of it but also why it’s become so prevalent in the media lately. And when that kind of inspection occurs, it’s not surprising to the inspector why Twitter is where it’s at today.

Twitter = YouTube

YouTube now gets more searches than Yahoo, Google's closest search rival. YouTube was the single fastest growing new form of search on the Web, and Google pretty much outflanked (and outspent) everyone to buy it. Not to get into video monetization, per se, but to harvest and control the most important emerging form of search. In short, Google could not afford to NOT own YouTube.

Procrastination and the Bikeshed Effect

This is one reason why I'm so down on architecture astronauts. I find that the amount of discussion on a software feature is inversely proportional to its value. Sure, have some initial discussion to figure out your direction, but the sooner you can get away from airy abstractions, and down to the nuts and bolts of building the damn thing, the better off you -- and your project -- will be.

Last Rites

The death of the newspaper is a depressing thing to absorb, but what’s much more disappointing to me is that I feel like news itself has been devalued. There’s an oversupply of news-”ish” information on the web, and people have decided — usually without realizing it — that free “news snacking” is a better value proposition than paying for in-depth reporting.

Database Versioning

Migrations bother me. On one hand, migrations are the best solution we have for the problem of versioning databases. The scope of that problem includes merging schema changes from different developers, applying schema changes to production data, and creating a DRY representation of the schema. But even though migrations is the best solution we have, it still isn’t a very good one. [Nice comments on this one, too. Especially mine :P]

Rack as a Transformative Figure

In the next few months, Merb and Rails will be making their routers a shared Rack component, and the same is true for a number of smaller elements, like parameter parsing.

Merb 1.1 roadmap, Merb & Rails3 news

If we want to make every single application, a potential mountable app, we need to namespace our applications. This is something we already do with slices, but currently generated applications are not namespaced. We are planning on doing that for 1.1 (backward compatible) to make mountable apps easier.

Offline Gem Server RDocs

Get Sinatra, Rubygems, and Passenger working for offline RDocs? Count me in. I saw this and knew I had to have it. I’ve been on some long plane rides recently and I frequently find myself wanting to look up something from a gem’s documentation while I’m coding. You can use the gem server command but that’s just such a pain to do every time you want to look something up.

Timothy's Links

Microsoft Skull-fucks Iceland’s Economy, Contracts Syphilis

Ignore the inflammatory title of this article, memorize the talking points and have them ready for your next family gathering or office meeting. This is a fantastic summary (in plain language) of the micro- and macro-economic strategery of MS coupled with a healthy dose of intelligent outrage.

Scanwiches

What can I say? I found this enlightening and humorous. Images of scanned cross-sections of sandwiches. Simple. Elegant. Sandwich-y.

A Quick Look at Quick Uninstall

As John mentions, "Quick Uninstall" for your Android phone will live about as long as it takes for Google to recognize that what it provides is a basic functionality and integrate it into the Android trunk. Until then, however, this software is must-have if you (like me) are constantly downloading and uninstalling.

Debian Lenny PXE Installation on Dell PowerEdge 1950/2950 servers: bnx2 annoyances | MDLog:/sysadmin

WARN: Lenny's installer no longer supports Broadcom's NetXtreme II. Seeing as how this NIC (or one of its family members) is in pretty much every Dell manufactured in the last five years, this is an important "gotcha". Especially if you're dumpster-diving in Corporate America's dustbins for your hardware like me.

The Cadbury Creme Egg McFlurry - Slashfood

Sick.

Apple: Cosmetic Damage Keeps Us From Replacing Your Battery!

This is not marked because I consider it significant: anyone who has ever dealt with the "Genius Bar" knows that Apple's repair/replacement arm is about as interested in helping you out as Apple's retail arm is interested in charging you a reasonable rate for their products. What /is/ significant about this article is that there are, evidently, still people in the world who don't know this from experience. Like, until I saw this, I was convinced that everyone already had a wealth of Genius Bar horror story anecdotes. You could not have argued with me. I was certain. And then I saw this...

Firefox Tip: Prevent Firefox from Hogging Memory When Minimized

This is kind of key: LifeHacker writes about the about:config entry that lets you prevent FF from continuing to use memory when minimized. This is key: particularly if a.) you're minimizing it (instead of, e.g. giving it its own desktop) or b.) you have a nasty habit of leaving tabs open to websites that either automatically refresh or host flash media, etc.

The White House - Cyber review underway

Mostly I'm bookmarking this because its use of the term "cyberspace" as the one word summary for "communications and information infrastructure" made me laugh. And reminded me of William Gibson's cameo on Oliver Stone's "Wild Palms" where Kim Cattrall introduces Wm Gibson with something like, "William invented the term 'cyberspace'" and the Gibber responds, "And they won't let me forget it" before sauntering awkwardly off camera.

Wordpress mod_rewrite rules taking over mod_status

This is an interesting write-up of what happens if you've got a Wordpress install at the same TLD where you keep your Apache server-status page. Basically, Wordpress (quite correctly) ignores http requests for http://tld.com/server-status and dude shows you a sample apache rewrite for how to exempt requests for that specific URL from WP's automatic request redirection. Nice.

Why The New Watchmen Movie Will Bomb

I'm bookmarking this pretty much for the sole purpose of being able to come back to it next week and point out why thoughtful, delicate prognostication and carefully made predictions are but a candle in the sunlight of enormous budgets. This movie will "succeed" commercially because it is massively over-funded. End of conversation.

The Authors Guild Sets Sights on Speak and Spell

So, here you've got a mildly derisive lampooning of the Author's Guild which, in the habit that the RIAA/MPAA have forced advocates of free expression/thought to become accustomed, seeks to portray the AG as a cartel and to represent their recent success in limiting the capabilities of the Kindle 2 as unfair or anti-competitive. And it's kind of funny. But it makes the wrong point. The AG, for sure, is in the moral/ethical/political/social/historical wrong. But the real point--the relevant point--is that the Amazon's desire to accommodate Mega Corp DRM schemes has finally been manifested in a design decision. That's the story here. Amazon put out a device that anti-DRM folks called flawed. Now we have a flaw to which we can point.

Weekly Digest, 3-1-09

Posted by Weekly Digest in Weekly Digest on March 01, 2009

Trevor's Links

How FriendFeed uses MySQL to store schema-less data

After some deliberation, we decided to implement a "schema-less" storage system on top of MySQL rather than use a completely new storage system. This post attempts to describe the high-level details of the system. We are curious how other large sites have tackled these problems, and we thought some of the design work we have done might be useful to other developers.

Fit to be used

We tend to think of usability as applying only to interfaces. But it’s so much more than that. It’s about delivering something that’s fit to be used. That means it’s about writing copy that’s understood the first time. It’s about requests that are as easy to accomplish as possible. It’s about manuals that are one page instead of 40. It’s about code that you can paste in and works right away. It’s about putting yourself in the other person’s shoes. It’s about looking into the future, foreseeing any potential obstacles, and removing them. And that’s a great way to get people on your side.

Keywurl

Keywurl adds a simple way of performing searches in Safari by letting you type short keywords as queries. Type a keyword and a query in the address bar, and it will be expanded into a predefined search.

4 Reasons to Prototype Rapidly

Here are 4 reasons for prototyping applications first. By prototyping, I mean an emphasis on building working applications rapidly.

CouchDB and Me

In this talk from RubyFringe, Damien Katz explains what drove him to create CouchDB, why he chose Erlang and more. [More personal than technical, but definitely worth watching.]

How to write a clean Ruby DSL - Part 2: Learning from Machinist

So, that’s how machinist works. It extends ActiveRecord to give the #blueprint and #make methods, then inside those methods calls a method on the lathe class, which makes a new lathe object which deals with autogenerating attributes that we didn’t specify in make.

Net::SSH, Capistrano, and Saying Goodbye

I’m ceasing development on SQLite/Ruby, SQLite3/Ruby, Net::SSH (and related libs, Net::SFTP, Net::SCP, etc.) and Capistrano. I will no longer be accepting patches, bug reports, support requests, feature requests, or general emails related to any of these projects.

Batched Find in Edge Rails

Batched finds are best used when you have a potentially large dataset and need to iterate through all rows. If done using a normal find the full result-set will be loaded into memory and could cause problems. With batched finds you can be sure that only 1000 * (each result-object size) will be loaded into memory.

Building and Scaling a Startup on Rails

There are a bunch of basic functional elements to building out a popular Rails app that I've never really seen explained in one place, but we had to learn the hard way while building Posterous. Here's a rundown of what we've learned...

Startups in 13 Sentences

One of the things I always tell startups is a principle I learned from Paul Buchheit: it's better to make a few people really happy than to make a lot of people semi-happy. I was saying recently to a reporter that if I could only tell startups 10 things, this would be one of them. Then I thought: what would the other 9 be?

Timothy's Links

Portable toaster

Ho-lee-shit. If this is real--"this" being a ceramic device with carbon nanotubes that can summon enough heat to toast bread but which does not require batteries--then there is no price under $150 that is unreasonable.

Mini Oreo's being dunked in milk cup on Flickr

This is a cupcake--a real-life, edible cupcake--with a small cairn/navel/depression on its top that allows the user to fill the cupcake itself with milk. Must see.

HOWTO: Create a USB Debian Installation flash drive

This is a drop-dead-simple guide in the plainest possible language to creating a bootable USB drive that will install Debian. Knowing how to do this is an important part of eliminating socially, environmentally and politically irresponsible RO media from the world.

Why is the DOS path character "\"?

Thanks Reddit! If you've ever wondered why all the paths on Windows machines are wrong, why the escape character on Windows is "^" and so on, please read this little piece.

Marvell: Plug Computing

This is a computer in a wall wart. And that is about the greatest thing ever. Visions of an entire server farm only slightly larger than your average UPS are dancing through my head...

lenny-backports started

Just a friendly reminder (to myself, mainly) to update those sources.list files to include the new Debian backports information: better now than in a head-long scramble to resolve a BS dependency six weeks from now.

Henry Rollins on Iron

I...wow. Just...wow.

Things we can ban instead of videogames

This article, which encourages people to reassess the risk posed by videogames in light of the risk posed by other, equally ubiquitous and multifarious social phenomena, reminds me of those Schneier articles where he harps on the fact that more people die in car crashes every month than have been killed by terrorists in the entire history of humanity.

Watching Hard Drive Activity With iotop

Have you ever suspected that disc I/O on your RAID card was shitty? Wanted to verify that those mysterious, seemingly read/write related errors were, in fact, related to poor disc I/O? Watch your array crash and burn in real time with iotop!

Clutter: Declutter Your Home with a Detailed Inventory

I would hesitate to call this a revelation, but it does harp on a basic point of preparing to move (or help a loved one move): before you start packing, go through the place and eliminate redundancy. It seems obvious...until you're unpacking your third hardcover copy of _Paradise Lost_ and thinking to yourself, "Jesus--I can't believe I just drove 30-some-odd pounds of John Milton across the country."

AdFreak: Get these guys for your next videogame ad

So, some indie filmmaker/fanboy types whipped up this Halflife fan fiction video, it went viral and now they're trying to parlay (what I'm sure they could insist on calling) their success as viral marketers into startup capital. And while I don't see nothin' wrong with turning your DIY/homebrew viral media project into a pay check, I think this is definitely going to come up the next time someone tries to convince me that the whole "viral" thing didn't jump the shark years ago.

Read me first: Why do IT systems use insecure passwords?

Schneier with a very brief piece on why sysadmins need to be the standard-bearers for the charge to convince users to a.) create better passwords and b.) stop trying to circumvent security measures for the sake of "convenience". I've been doing my fair share of evangelism. Have you?

NSA offering 'billions' for Skype eavesdrop solution • The Register

Courtesy of Schneier: apparently Skype is the go-to for secure voice communications. Good to know.