Least Significant Bits

That's right, WordPress is out of my life now. It did the job while it had the job, but now it just looks like a shoddy implementation of a category of fad software. It has been replaced with Drupal. Notice the seamlessly integrated image galleries, and the newer, slicker captcha. Someday if I ever do movie or book reviews, Drupal will have a special node type for them.

Sure, it's all written in PHP, the simple, short-learning-curve programming language that reigns supreme and has become "the VB of the Internet" as Nathan calls it. I still haven't bothered even trying any Web gizmos built on other platforms. PHP does the job, and I probably won't feel any more macho, righteous, or warm and fuzzy inside using another tool. :-)

 Filed Under:

• Diary
• Site News

• 3 comments

This morning my computer monitor seems to have died. It's a Nokia 445pro, a monster 70lb, 21" CRT that's about 3.5 years old, and conveniently covered by a three-year warranty. :-(

It went down very sliently: it just started failing to power up. No fireworks. The green LED comes on, but without the loud demagnetizer sound. About three seconds later, the green light starts blinking rapidly, as if to confirm the malfunction.

I found interesting links about this monitor, and a nine-page service manual of some sort with circuit schematics. Maybe Mike Badger can fix it. Otherwise it'll be time to start hunting on ebay. I seem to have extremely bad luck with monitors. My last monitor, a Fry's special of some sort, died within its warranty period, and the replacement died about six months after the warranty expired.

 Filed Under:

• Diary
• Hardware

• Login to post comments

Flash animations from co-workers:
Apocamon - the Book of Revelation in Pokemon style.
Get Perpendicular - Hitachi Data Systems

Cat antics seem popular as well:
http://www.clean-your-screen-for-free-now.com/
My Cat Hates You
Mean Kitty

 Filed Under:

• Internet

• Login to post comments

A few weeks ago I spent some time strolling through the WordPress authentication code, trying to come up with the best way to wrap it with SSL. In conclusion? It can be wrapped, and it seems like it might even be secure if the password and session cookies are only sent and honored over SSL connections.

The session cookie mechanism used in WordPress 1.5 was written from scratch, and suffers problems that the PHP session APIs were meant to solve. It sets two cookies:

wordpressuser_{HASH} = {USERNAME}
wordpresspass_{HASH} = {PWHASH}

The {HASH} is generated from the configured site URL. The {USERNAME} is the plain-text user name. The {PWHASH} is the truly heinous part -- it can be either:

• The MD5 hash of the password.
• The MD5 hash of the MD5 hash of the password.

The cookie checker just compares the value of the password cookie with the MD5 hash of the user's password stored in the database. This makes the MD5 hash of the password just as valuable as the plain-text version. This also means that if the pair of session cookies is ever intercepted, it can be installed into a malicious user's browser unaltered and used to authenticate against the original WordPress site.

If WordPress instead used the PHP session APIs, it might be just as easy to hijack, but its session cookies wouldn't give away anything so permanent, and would expire on the server side after some period of time.

WordPress isn't the easiest package to use. I'm unimpressed with its messy internals, its chaotic landscape of useless 3rd party plugins, and lack of a built-in photo management tool. I'm very seriously investigating Drupal as a replacement.

Indeed, what else is there to blog about but blogging itself!

 Filed Under:

• Software

• Login to post comments

This documents the majority of my vacation to parts of Florida this spring. It represents a week's worth of entries, condensed into one.

 Filed Under:

• Diary

• Login to post comments
• Read more

Today was Paul and Andi's wedding. It was held at the lodge of the Rainbow Rivers club in Dunnellon, FL.. The event was relatively small with about 30 guests, as they had intended for it to be. The ceremony started at 1pm, and lasted about 1/2 hour. It was well orchestrated, with a scipture reading, an account of their relationship, the standard vows, and the kiss.

The dinner party following the ceremony carried on until around 7pm. Mike gave his toast, emphasizing how long he's known Paul and Andi, and how well-suited they are for each other. Tina and her group arranged for excellent food in lavish quantities. There were fine wines, crackers, and bree for hors d'ouvres. The meal included 15 pounds of fresh shrimp prepared in fried and skewered fashions, roast beef, asparagus, and a delicious bean and rice dish. Afterwards, there was another toast with Champagne, and the bride and groom did the cake-cutting ceremony with a two-layer chocolate and vanilla cake. Still later they served a delicious key lime pie.

Paul and Andi spent a week selecting music, and it turned out well. After dinner and cake, some of us, including myself, uncharacteristically, hit the dance floor, and the music supported this well. I had a very good time.

So how did this make it on to the 'net from Florida? Apparently the Rainbow Rivers club has wifi in the lodge! I haven't been using it very much however, because doing so during social hours is unacceptable. However, tonight is another story, because of the application and timing of alcohol during the event. There was a drunken party last night, which I'll document later, and despite having only three servings of alcohol, I felt terrible this morning, and went very light on drinks at dinner. Most everyone else either had a bit more, or at least acted like they had a bit more, or perhaps it had something to do with the general eating schedule. Regardless, after drinking at 2pm, the social lubrication effect started to wear thin around 7pm. The unfortunate part is that the copious amounts of left-over alcohol from the event wound up in one of our cabins, everyone else is likely to plaster themselves, and I'd personally rather avoid the whole mess.

Pictures will be posted within the next few days.

 Filed Under:

• Diary

• 1 comment

At a horribly early hour this morning, I'm preparing to leave for central Florida, for Paul's wedding. I return to Portland on Thursday evening. Finding a free WiFi hotspot in Florida was a major problem last year, and searching a couple of WiFi index sites has turned up very little. Clues?

Updates may be sporadic or nonexistant until late next week, but expect a lot of pictures.

[image:423 size=preview]

 Filed Under:

• Diary

• 1 comment

On Sunday, Nathan, John, both of my parents and I went out to dinner. Why? Because it was my birthday, damnit! My parents hadn't been out of the house together since summer of 2002, and seemed to appreciate the time away. Afterwards, they left, and the rest of us hung out at John's apartment for an episode of Buck Rogers in the 25th Century.

[image:409 size=preview]

The next day, Ursa was particularly thoughtful and nice, and threw a party at work. Her, Daniel, Mike, and I went out to lunch to Pepper's. One reason we chose Pepper's was to try to convince Rick to join us, but alas, he was expecting a phone call. Pepper's is renowned as a relatively small, fun place, where they apparently sing to people on their birthday. Quite embarassing, something to be wary of when choosing a place to eat. :-) Ursa baked a particularly delicious chocolate/coconut pecan cake too! Thanks Ursa!!

[image:422 size=preview]

Check out the entire Gallery of Photos.

 Filed Under:

• Diary

• Login to post comments

A new photo gallery application, along with a bunch of new photos have been posted. Take a look. I also got a new digital camera, and have been (laughably) experimenting with depth of field and its artistic uses.
[image:461 size=preview]

 Filed Under:

• Photography
• Site News
• Software

• 1 comment
• Read more

This week, Mike Badger's anime night went unattended, other than myself and Nathan. By pure coincidence, earlier in the week, I tried to convince everyone that it would be fun to go see Steamboy at Cinema 21. History will observe that to have been a mistake, because a number of individuals who will go nameless announced their inability to attend within the prior 12 hours. Of course, they cited other reasons, so maybe this is just paranoid speculation.

So what actually happened? We didn't end up seeing Steamboy. :-(

First, we went to a place called Mad Greek Deli for food. This was Lacey's suggestion, and they make excellent gyros.

[image:460 size=preview]

Then we screened Read Or Die episodes 21-23, followed by a short series called Rune Explorers. Watching Read Or Die was Mike's preference, because he had received the DVD in the mail earlier that day. Neither Nathan nor I had seen all, let alone most of the episodes preceding that set, so the story didn't flow very well.

Rune Explorers is a four-episode series about a pair of female treasure hunters set in a ruined fantasy world. In the spirit of an RPG, they have a specific goal -- to find three artifacts and unlock some sort of ultimate magic -- which is announced at the beginning. They travel around in a party, which splits, reforms, and ends up acquiring all but one of the major characters by the end. The simple plot leaves little to analyze. While not Evangelion or Lain, this series might appeal more to a younger audience, as long as nobody is offended by its cliche fan service. At least 2.5 stars.

 Filed Under:

• Anime
• Diary

• Login to post comments