textiplication.com

From Matthew Jarpe via Mary Robinette Kowal, 100 things you’ve done/won’t ever do [everything involving heights and climbing is automatically out due to acrophobia and bad knees]:

1. Started your own blog
2. Slept under the stars
3. Played in a band
4. Visited Hawaii
5. Watched a meteor shower
6. Given more than you can afford to charity
7. Been to Disneyland [world, that is]
8. Climbed a mountain
9. Held a praying mantis
10. Sang a solo
11. Bungee jumping
12. Visited Paris
13. Watched a lightning storm at sea
14. Taught yourself an art from scratch
15. Adopted a child
16. Had food poisoning
17. Walked to the top of the Statue of Liberty
18. Grown your own vegetables
19. Seen the Mona Lisa in France
20. Slept on an overnight train
21. Had a pillow fight
22. Hitch hiked
23. Taken a sick day when you’re not ill
24. Built a snow fort [man, have I  ever. I'll have to scan the picture sometime]
25. Held a lamb
26. Gone skinny dipping
27. Run a Marathon
28. Ridden in a gondola in Venice
29. Seen a total eclipse
30. Watched a sunrise or sunset
31. Hit a home run
32. Been on a cruise
33. Seen Niagara Falls in person
34. Visited the birthplace of your ancestors
35. Seen an Amish community
36. Taught yourself a new language
37. Had enough money to be truly satisfied
38. Seen the Leaning Tower of Pisa in person
39. Gone rock climbing
40. Seen Michelangelo’s David
41. Sung karaoke
42. Seen Old Faithful geyser erupt
43. Bought a stranger a meal at a restaurant
44. Visited Africa
45. Walked on a beach by moonlight
46. Been transported in an ambulance
47. Had your portrait painted
48. Gone deep sea fishing
49. Seen the Sistine Chapel in person
50. Been to the top of the Eiffel Tower in Paris
51. Gone scuba diving or snorkelling
52. Kissed in the rain
53. Played in the mud
54. Gone to a drive-in theatre
55. Been in a movie
56. Visited the Great Wall of China
57. Started a business
58. Taken a martial arts class
59. Visited Russia
60. Served at a soup kitchen
61. Sold Girl Scout Cookies
62. Gone whale watching
63. Got flowers for no reason
64. Donated blood, platelets or plasma
65. Gone sky diving
66. Visited a Nazi Concentration Camp
67. Bounced a check
68. Flown in a helicopter
69. Saved a favourite childhood toy
70. Visited the Lincoln Memorial
71. Eaten caviar
72. Pieced a quilt
73. Stood in Times Square
74. Toured the Everglades
75. Been fired from a job
76. Seen the Changing of the Guards in London
77. Broken a bone
78. Been on a speeding motorcycle
79. Seen the Grand Canyon in person
80. Published a book
81. Visited the Vatican
82. Bought a brand new car
83. Walked in Jerusalem
84. Had your picture in the newspaper
85. Read the entire Bible
86. Visited the White House
87. Killed and prepared an animal for eating
88. Had chickenpox
89. Saved someone’s life
90. Sat on a jury
91. Met someone famous
92. Joined a book club
93. Lost a loved one
94. Had a baby
95. Seen the Alamo in person
96. Swam in the Great Salt Lake
97. Been involved in a law suit
98. Owned a cell phone
99. Been stung by a bee
100. Read an entire book in one day

I think that’s 44 48 49! I keep finding more.  I don’t know where Matthew got the list, which has at least one dependent element – do 49, get 81 for free.

Like Matthew, I’m taking credit for 94 when all of the hard work was done by someone else.

Seeing 100 not bolded on someone’s list would make me very sad.

Let’s see – things I’ve done that are least likely to appear on someone else’s list:

101. Read War and Peace in one day.  The Sunday after the first US war in Iraq started, I woke with the idea and carried it out.  Third time I read W&P.

101a.  Read more than one entire book in a day.

101b.  Read four books in one day.  Pride and Prejudice, The Naive and Sentimental Lover (LeCarre), A Mask for the General (Lisa Goldstein), Taming a Seahorse (Robert B. Parker).

[I'm just plain obsessive at times.  In one 24-hour period this weekend, I read Roberto Bolano's 2666.  In the next 24-hour period, I reread Memory, Komarr, and A Civil Campaign, by Lois McMaster Bujold.  And I was social enough through all this that no one killed me.]

[Not my copy]

102. Attended college as a fifteen year old.  For three weeks, then I turned sixteen.

103. Been frisked by soldiers of a national army and a revolutionary army in the same day.  Night, actually, in Colombia.

104. Climbed around in the stacks of the Library of Congress.  As a kid.

105.  Had more than fifty books in my car at once.

106.  Written a PDF reader – in Java 1.1.  Ooh, you madman.

107.  Ridden the cable car into the mountains outside Zagreb.

108.  Squared timber with an axe.

109.  Conversed for hours with someone I didn’t share a language with.

110.  Been to a wedding in Venice.

From an interview at Google Blogoscoped with Google group product manager Brian Rakowski:

…

There are ways to make Chrome automatically download a file without the user confirming this (at least using Chrome’s default options). Don’t you consider that a potential problem?

On its own, downloading a file isn’t dangerous. It can be annoying if a site tries to download a bunch of files to fill up your hard drive, but there are other ways to do things like that and it hasn’t become a problem. The danger arises when an automatically downloaded file can be automatically executed. We’ve taken steps to prevent this in Google Chrome and will continue to make sure that this is the case.

This answer is incredibly disingenuous.

How about this comparison? Leaving your front door open is not inherently dangerous.  It’s only a problem if an attacker walks in through the open door and steals your stuff!

Is downloading a file inherently dangerous? Of course not, I do it all the time – when I want to! If Chrome can be fooled into downloading a file without the user’s permission – and it can – that means that an attacker can place malware onto your machine, and it’s up to you not to launch it.  Even if it’s named Spore.exe, and has a Spore shortcut on the Start menu linking to it. A Start menu shortcut is itself just a file.  Arbitrary file downloads are inherently dangerous.  You can’t say “It’s only dangerous if…” the file automatically gets executed, because it’s much easier to convince the end user to execute a file than it is to force it onto the end-user’s machine!

With decent security in place, that is.

BTW, this vulnerability calls into question the whole trust model that the comic book brags about on page 26-27, don’t you think?

Actually, I really like it. It’s way, way faster than Firefox 3 or IE7 or 8, for initial launches and individual page loads.
Though I made fun of the comic book, it does cover a lot more info than I remember Mozila or the IE team ever releasing on the architectures of their browsers – and Opera? Forget it. They cover a lot of interesting points for the user, the developer, and the security guy. I’m impressed by all of it.

Google Chrome is, though, a web browser, which means that it is inevitably a huge and complex piece of software riddled with security defects. Since it’s new, we don’t know what any of them are, though! They are there, though, and they’ll jump out at us pretty rapidly.
Here’s one, via Zero Day and Evil Fingers.

“An issue exists in how chrome behaves with undefined-handlers in chrome.dll version 0.2.149.27. A crash can result without user interaction. When a user is made to visit a malicious link, which has an undefined handler followed by a ’special’ character, the chrome crashes with a Google Chrome message window “Whoa! Google Chrome has crashed. Restart now?”

This is bad enough we’ll see it patched really soon. The problem isn’t just that a malicious URL can crash the browser, it’s the risk that the crash could lead to a stack overflow. They’re using ASLR – address space layout randomization – which makes that kind of attack harder to mount.

The second issue Zero Day cites was a big flaming red flag when it showed up in Safari – the ability of a malicious site to drop files onto the desktop. The Google proof-of-concept exploit may not seem as bad as the Safari carpet-bombin issue, since the user currently has to OK the desktop file save. Aviv Raff’s exploit is an interesting combination of old attacks on aging components incorporated into Chrome and a brand-new vulnerability fresh from Black Hat 2008.

SOOO…
I’d continue to use Firefox for your everyday casual browsing needs. Chrome won’t be safe for a while yet – no new browser could be. IE7 isn’t bad, and IE8 will be pretty good.

It may sound more like the name of an early Elephant 6 band – cf. Neutral Milk Hotel, Olivia Tremor Control – but it’s a wonderful little museum in Orleans, MA. We went there a few weeks ago during our one week vacation on Cape Cod, and for me, at least, it was the height of the trip.

The first transatlantic telegraph cable connected the US with London, although it took several tries for it to be successful. The French wanted to have their own nearly-instantaneous link with the US that didn’t run through London – diplomatic concerns, don’t you know – and laid their own cable from France to St. Pierre et Miquelon – French-owned islands off the coast of Newfoundland – and from there down the Atlantic coast to Orleans. The French built a telegraph station in a not-so-big house by the water and operated it for over seventy years, apparently upgrading, repairing, patching, and reinventing it on the fly. Much of that equipment has remained in the house since the station shut down in 1959, and it’s now lovingly maintained by a number of elderly gentlemen who run the museum.

The equipment is beautiful. Apologies for the quality of some of these pictures – the only camera I had with me was my iPhone.

They let you use some of the equipment! My favorite thing in the museum is the Kleinschmidt Perforator:

Mr Kleinschmidt – quite an important guy, really- took a standard typewriter and added a tape-puncher on top. Anyone who could type could be a telegrapher; in Thomas Edison’s youth, a skilled telegrapher was a highly-paid professional. Edison himself was one of the best in the world, in fact. By the 20th century, though, innovation had stolen the luster from the telegraphy profession, replacing it with wonderful objects like this.

And this:

This is a telegraph transcriber. They didn’t have felt-tip pens, of course, so they had to invent low-friction pens. Dead center in this picture you can see a tiny white whisker. It’s actually a glass tube about a millimeter wide. In this transcriber, the tip of the glass tube sat a mil or so distant from the paper, and the ink would be drawn to the paper by static electricity generated by this:

Lovely, isn’t it? Unfortunately, the static-charged contactless pen only worked in low humidity. On Cape Cod, you really don’t ever get low humidity, so this experimental transcriber only worked in winter.

Here’s a working transcriber:

By working, I mean they actually let you work it! The low green box to the right is a punched-tape reader; you feed in the tape you punch on the Kleinschmidt Perforator, and the signal travels six inches to the transcriber, which as you see here is currently using a ballpoint pen instead of the incredibly fragile glass pipettes. The transcriber produces an EEG-like trace of the Morse signal, which you can easily read if you have a) learned your Morse cold and b) further, learned to read Morse as an EEG-like high-low voltage trace instead of dots and dashes. Probably only the ancient gentlemen who operate the museum possess these skills today.

The cable carried direct current over two thousand miles! At the end of its transit the signal was extremely weak, so much of the energy of the inventor team was engaged in reading or amplifying the faint voltage fluctuations. Here’s a real gem:

There are only two of these babies left in the whole world. The Heurtley Magnifier used two pairs of platinum wire to form a Wheatstone bridge, with one of the four wires heated ever-so-slightly by the signal current. The slight temperature variations produced enough resistance in the detector wire to control a larger current through the bridge. Vibration was a problem – they couldn’t receive a signal on that one afternoon every couple of weeks when the hardware store across town had its coal shipment dumped into the basement.

If you’re on the Cape, I highly recommend this tiny little museum. Tended with love by men who rescued the building and equipment from destruction, it’s a rare opportunity to understand the technology constraints of an earlier era, and appreciate the astounding feats of engineering on which the modern world is built.

Yes, people are talking about Web 3.0 already, which for some reason tonight put me into the way-back machine.  You know what I’m thinking, right? Some major company always nailed a product on the third release.   Had a big hit with the 3.0, even bigger hit with the 3.1, so what did they follow up 3.1 with?

It’s back to the future, baby.  Mark my words, couple more years of the Web x.0 thing, we’ll all be gearing up for Web 95.