Log in

No account? Create an account

Guild Wars 2

Sep. 17th, 2012 | 11:07 pm

I started playing Guild Wars 2, and am happy their questing system has broken with WoW's current quest design. As WoW grew they "simplified" and "streamlined" their questing into something that feels like it should be best described as "raming a railroad down their players throats"

For example early in the Mist of pandaria beta, your ability to complete a zone would break because when a bug broke any one of a number of quests on the main path through the zone, it was quite likely you the next quests wouldn't be unlocked.

Guild wars 2 seems to have three tiers of quest.Read more...Collapse )

Link | Leave a comment {6} |


Jul. 17th, 2012 | 11:26 pm

Its been a really long time since I tried to write. I keep meaning to roll my own blog software, but there's so many other things I should be doing.

At the moment I'm trying to compile the meego/N9 contact & calendaring code on my ubuntu box. Because really I should have a working calendar, and my org-mode files got too cluttered, and evolution/thunderbird/korganizer all feel too heavyweight.

I think apple did a good job with the versions of address book & icalendar on the versions of OS X I'd used 10.1-10.6, and would like some functionality like that on ubuntu. Since I've spent the last year or two trying to rebuild one of my work applications around the semantic web stack, gnome tracker's use of sparql appeals to me. And since some chunk of the N9's PIM stack was integrated with tracker, it seemed like a fun place to poke.

Link | Leave a comment {5} |

Building debian packages for mozilla's sync server

Jan. 15th, 2012 | 12:29 am

I'm surprised this seems to have gotten valid debian packages with a minimum of fuss for a package where I couldn't find a recommended release archive.

Upstream is in mercurial at http://hg.mozilla.org/services/server-full (and server-core, server-storage, server-reg). I don't know mercurial very well and git doesn't pull from the other DVCSes, so I wanted to use bazaar -- unfortunately for some reason the bzr-hg plugin was having trouble pulling directly from the http server. However I discovered I can make a bzr branch from a local hg repository.

  1. hg clone http://hg.mozilla.org/services/server-full upstream/server-full
  2. hg tags
    to find their tagged release version

  3. bzr branch -r hg:<hg spec> upstream/server-full syncserver
  4. python setup.py sdist --dist-dir ..
    to build the "orig" tarball the debian tools want
  5. ln -s SyncServer-1.0.tar.gz syncserver_1.0.orig.tar.gz
  6. copy over my old debian directory & update changelog
  7. debuild -S
  8. Edit MANIFEST.in a few times to add in whatever components were in the build tree but not in the archive built with sdist
Of course I haven't tried installing anything yet. So who knows if this'll actually work. The main thing that'll bite me is tracking the changes I made to the MANIFEST.in and setup.cfg files to get a tar.gz file built with sdist that matches the build tree. (sdist adds an egg_info section to setup.cfg)

Link | Leave a comment |

P2P vs Centralized networks

Jan. 7th, 2012 | 03:22 pm

I've been thinking a lot about SOPA & Related efforts to control the internet by Big Media + Federal Government.

I'm pretty sure the reason the feds want they want to disrupt the ability of the network to form functioning distributed decision making organizational structures as that's a core threat to their reason to exist.

There's been a variety of Darknets being developed now as alternatives to the white market network. The downside is the organizations with the most reason to put large amounts of money into them now are primarily organized crime.

Also if you have a distributed network that allows psudeonymity you will have spam, criminals, and 4chan on it. So one key question is which is worse? A network under the control of a government that aims to block groups it dislikes from organizing or a network that allows criminals to organize?

Link | Leave a comment |

Protecting against XSS

Aug. 14th, 2011 | 11:49 pm

I wanted a module to strip out potential XSS injections.

I looked at the set of allowed HTML on the LJ post and was came up with this idea.

use BeautifulSoup to parse the submitted html, remove all tags that aren't in a safe html whitelist. And then for img & a tags process the url and require they start with an allowed set of protocols. The main downside is that <img src=/foo.png/> wont work. you have to list the http:

This seems like a good method for sanitizing user input while allowing some html -- but how can you really know you're protecting against all the possible ways to inject a hostile payload. There's some really funky techniques for tricking the browser at http://ha.ckers.org/xss.html

Read more...Collapse )

Link | Leave a comment {2} |

How annoying is duplicated posts

Aug. 14th, 2011 | 11:33 pm

Do you, reader, think its a good idea to cross post to multiple social networks and let the reader deal with duplicates?

Or would it be better for the representation of ones social network be incomplete on any particular site. (E.g. some people are only on facebook friends, or twitter followers, or G+ circle members.) So post deduplication is handled by only subscribing once on ones preferred service..

Or alternatively the poster could just pick one site and post there and make everyone check multiple sites to keep up with everyone they want to pay attention to.

How annoying is social network post duplication

Really annoying
A little annoying
No opinion/Don't care
Its fine
Its great

Link | Leave a comment {4} |

(no subject)

Aug. 9th, 2011 | 12:50 am

Thanks to crayon physics I'm now going to have visions of spinning crayon logs as I try to sleep. I suppose that's better than worrying about X,Y or Z.

Link | Leave a comment {3} |

(no subject)

Jul. 10th, 2011 | 11:49 pm

So does anyone have a good desktop client for viewing ones LJ friends page?

One of the things I learned about me and social networking tools I learned from getting things done.

Have as few in-boxes as you can manage. The thing that was nice about twitter & facebook is they provided APIs for downloading their stuff into client side applications so I didn't have to remember to go look.

(OTOH, the Ubuntu default social networking application has some issues).

Link | Leave a comment {3} |

(no subject)

Jul. 9th, 2011 | 09:29 pm

I still have trouble trusting large entities. On the other hand I feeling lonely and feel like I should at least make an effort to interact with a wide world.

Poll #1760483 Where to blog?

Should I start using LJ again?

X is so much better, use it instead.

Link | Leave a comment {8} |

EVE Online

Apr. 27th, 2010 | 10:12 am

The EVE Blog Banter Special Edition: The Ladies of New Eden Asked a question, why does EVE Online only have about 5% of its player base as women.

I don't think I can answer that in general, but I've played EVE I've wanted to like it, and yet I keep going back to World of Warcraft.

I can think of 3 thing that make a difference to my game play.
Read more...Collapse )

Link | Leave a comment {1} |

(no subject)

Apr. 22nd, 2010 | 05:08 pm

A utility that grabs all your posts, all your commands, and all your user pics. Does require python, and my brief code review seems to suggest its using md5 digest authentication. (Instead of plain text).


Link | Leave a comment |


Apr. 22nd, 2010 | 04:21 pm

I saw rumors that the current LJ owners were trying the javascript affiliate re-writing code again. This is a link to a pdf where I know one of the authors. The link text is the simplest version of the amazon link that works correctly. I'm curious if the link one lands at differs from it.


Answer: Yes they are doing it, though its even subtler. When I clicked on the link in this post and for a moment I saw a redirect in the url bar. So I dumped my port 80 network traffic.

The first HTTP request. (Note the Host: outboundlink.me entry)

raw headersCollapse )
which contains my initial url.

(I did remove the Cookie: header from these posts.

I am curious what the parameters tag, linkCode, camp, and creative mean.

http://www.amazon.com/dp/0596514832/thepolychromatpa Link to Web Security Testing Cookbook: Systematic Techniques to Find Problems Fast using joedeckers affiliate code.

Link | Leave a comment {5} |

(no subject)

Apr. 7th, 2010 | 04:52 pm

Making Sense of Privacy and Publicity

A "rough crib" of her keynote at SXSW about the struggles of what we mean by wanting privacy, and why people post things publicly.

There's been a number of recent serious privacy violating issues from big companies, Google Buzz, and Facebook both trying to set the defaults to "public". (Not to mention LJs link rewriting scandal).

Its difficult to fully control your data if its hosted in google or facebook or pretty much anything not on a computer you physically own and now how to administer. Although I could manage to run my own flickr/twitter/blog/wiki thing, the average user, probably would find it difficult.

Also the large centralized services make it easier to know where to look for information about your friends. There's usually more complexity associated with knowing how to use distributed tools, but is increased control over what you reveal worth it?

I was having a brief vision of some kind of web app that'd have a drop down for you called "View my site as (list of your known contacts)"

There's still more room for thinking about this.

Link | Leave a comment {2} |

(no subject)

Mar. 2nd, 2010 | 09:08 am

There's something surreal about having my girlfriend control what music is playing on my phone through a browser on her laptop.

The new E71 firmware has an internet radio application built in, so I pointed it to my home squeeze box server, where she was then able to log in and control what was being streamed to me.

Link | Leave a comment {4} |

First Aid?

Feb. 6th, 2010 | 02:28 pm

I was trying to fix a badly done phone patch job and acquired some of these

According to the instructions, the plastic connector may cause eye and skin irritation and if you poke your eye with it flush your eye with large quantities water.

If you inhale it, "no need for first aid is anticipated". However if you swallow it, don't induce vomiting but do drink two glasses of water.

Somehow I think inhaling a something roughly the size of peanut M&M might require a bit more than first aid.

Link | Leave a comment {2} |

Unpacking Books

Jan. 18th, 2010 | 11:54 am

So here it is MLK day, and I have the day off, so having recently moved, I went back to unpacking.

And for a time I was able to force myself not to find the ideal place for all those books, just get them out of boxes and onto shelves.

But then I had to go get myself distracted by Wikipedia: Library Cataloging and classification. Where I got to read about the differences between the Dewey decimal system and the library of congress system.

And then I learned about the Universal Decimal System and that they have a summary of about 2,000 classifications in Browseable form

Now I need to resist the temptation to install some library cataloging software and go stick call numbers to all my books.

Link | Leave a comment {9} |


Dec. 30th, 2009 | 04:34 pm

We finished cleaning out the old apartment and turned in the keys. I was a bit sad as it was a nice, albeit too expensive, apartment. Hopefully life as a homeowner will be manageable.

Link | Leave a comment {1} |


Dec. 26th, 2009 | 06:07 pm

Mostly finished moving. We still have to clean out the old place, and the long process of unpacking. But at least I have working broadband again and finished setting up the bed.

It was very confusing, the internet moved a couple of days before the rest of my stuff, so I couldn't tell where home was... Was it where my IP was or was it where my bed was?

Link | Leave a comment |


Dec. 20th, 2009 | 09:14 pm

Today we painted our new bedroom, It took most of the day to TSP and lay down two coats. I got the job of edging along the top of the wall, which involved lots of climbing up and down the step stool to get more paint.

While we were waiting we also managed to wash the previous owners someone smelly refrigerator out.

Unfortunately for me I found some muscles that have been ignored for a long time, and so in addition to being really tired now, I suspect I'm going to be in a lot of pain tomorrow.

On the plus side, the room looked really nice when we left.

On the downside, we can see how the carpet looks rather worn, and with my new homeowner powers I keep thinking I should replace it.

Link | Leave a comment {4} |

Building Dashboard

Dec. 16th, 2009 | 06:31 pm

About a year ago Caltech installed a 200 kW solar array on top of one of the parking structures, its the largest solar installation in the city of pasadena. Recently I saw that they had a "building dashboard" showing how much power they produced.

On sunny days in winter they're producing about 514 kWhs per day, which is roughly how much I used for an entire AC heavy month.

The part that's scary, is they'll cover that KWH to other units, like dollars of electricity, or pounds of coal, or... gallons of gas.

That 514 kWh could have been generated from just under 15 gallons of gas.

It boggles the mind how much energy we use going to and fro.

Link | Leave a comment |

I hate this world

Dec. 8th, 2009 | 11:32 pm

So Charlie Stross posted about the British "digital economy bill", a blow job for the largest media corporations allowing permanent disconnection from the Internet. (After 3 copyright infringements)

It is likely this provision requiring that ISP monitoring and disconnection accused users is part of the secret ACTA treaty, currently being negotiated.

Of course since the treaty is being negotiated in private, we don't know what companies are actually behind it. (I suspect Disney).

As a result I should return to my total boycott of anything released by members of the RIAA or MPAA.

If you love the Internet, you should complain to your congressperson about ACTA, and try to boycott the major media providers, and/or consider participating in some part of The Free Culture Movement.

Link | Leave a comment |

(no subject)

Nov. 29th, 2009 | 11:28 pm

And to think it only took 2 days to recover from packing my bookshelves. Still quite a bit more to pack, and I need to get an estimate for movers at some point soon.

Hopefully the loan paperwork will be finalized soon.

Link | Leave a comment |

Picking a Home Inspector

Nov. 19th, 2009 | 12:54 pm

Does anyone have any advice on how to pick a home inspector for southern california?

Link | Leave a comment {1} |

(no subject)

Nov. 18th, 2009 | 08:02 am

Thank you all for your congratulations.

Its fun looking at the post times of all the messages. It appears I have full 24/7 "friends who are awake" coverage.

Link | Leave a comment |

Condo update

Nov. 17th, 2009 | 10:12 pm

The sellers agent responded and my offer has been accepted. It took him a bit to respond as there was a "death in the family".

Next up, he has to "open escrow" and I have to hand over a large sum of money.

And then next the challenging part -- packing.

Link | Leave a comment {12} |