This week’s internet cruising:
- Why You Should Never Search For Free WordPress Themes in Google or Anywhere Else – WordPress, Multisite and BuddyPress plugins, themes, news and help – WPMU.org – I'm not at all surprised by the hackery going on in free WordPress themes.
- YouTube – Brick in a washing machine – I've always wanted to do this!
- Twitter’s Response to WikiLeaks Subpoena Should Be the Industry Standard | Threat Level | Wired.com – "Twitter introduced a new feature last month without telling anyone about it, and the rest of the tech world should take note and come up with its own version of it
Twitter beta-tested a spine."
- Dot Dot Dot – Animated – This is really damned funny: a dramatic reading of a lousy flash game comment… including bad spelling and grammar. Great voice, great text animation.
- The Saddest Book in the Universe (pic) – Imgur – This is, indeed, rather sad.
- Windy City Times – VIEWS Surviving the ex-gay program – 308 – A man's attempt (and ultimate opting out of) trying to become straight. I knew that there were programs to try to do so, but wasn't aware that they were based in Exodus: "I learned the basic theories of Exodus: that homosexuality wasn't real, that gay people were just confused straight people, that gay sex was a sin similar to idolatry. The theories seemed a bit far-fetched but I did my best to embrace and understand them." A good tale.
- <Insert title here>: TSA encounter at SAN – I'm disappointed that I hadn't heard about this back when it happened (I'm sure I was under some rock). This guy–who had done his due diligence on his local airport and believed it to not have the uber-scanners–opted out of the scanning process and the pat-down.
I swear, my heart was racing as I read it.
- Privacy Icons: Alpha Release « Aza on Design – An interesting attempt to have “second-tier” sites label themselves in terms of how they store and use your data–“I share your information with advertisers”, etc.
There’s a great discussion in the comments (albeit not much back and forth) on the flaws and pluses of the idea, but the biggest issue seems to be that companies with crappy practices just wouldn’t display the icons. Asa proposed some Mozilla-initiated measures around that, but it seems like a hefty undertaking.
This week’s internet cruising:
- behavioral advertising icon – Coincidentally crossing my plate right after this tidbit of narrow-sightedness (see Greg’s comment there, too), I had to cackle a bit. I like the idea of disclosing–all the time, not just when you register for a service–that a site is gathering your behavioral information. I also agree that a weird triangle icon in the midst of a column of ads (text or image) won't get noticed and won't make sense.
- Release management, or “How to de-version your app” – Nice examination of the thought processes behind an app being released as a "beta", but not labeled as such, along with the classic features vs. budget vs. quality vs. timeline debate.
- You knew they’d do this. This is why we needed a single payer health insurance plan – I didn't know they'd threaten to pull coverage in entire states to avoid sick kids. Good grief, this is getting nasty.
- WordPress Custom Post Types Guide – Quite handy, as I'm working on a new WordPress website at the moment (not my own–it's volunteer work) and didn't really want to have to find plugins to do things better suited to custom post types… like events.
- If you do this in an email, I hate you – The Oatmeal – I nearly peed my pants laughing at this. At work, no less.
This week’s internet cruising:
- A Beginner’s Guide to Website Feedback – If I can wrap up and launch this damn character sheet app, stuff in this post will be handy for when it betas, especially the surveying. I suspect the LARPing audience will be sufficiently… opinionated to speak on it.
- Six Useful CSS3 Tools – Some of these are pretty slick, if you're moving into CSS3 development.
- Sharpening the blade, part MCMXVII: Nine Amazing Hours. – This is incredibly cool, and I plan to use it for a bit and see if it helps me focus.
- Amazing Examples of Paper Art – I almost hate to link to this, in case Greg gets ideas for elaborate projects.
- Python Business Rules Engine – Lott raises a good point about handling complex business rules, in that it's (often) cleaner and simpler to go ahead and incorporate complex business rules into the app itself rather than writing a parser to allow external entry. In my case, I have such a small user base on the side that would have been entering these rules that it's just as fine for me to do a small code release for any games added with these validation rules in them.
- YouTube – Turkish male belly dancer "diva" – Major glitter warning, here. Major. This may be the first male bellydancer I've ever seen who wasn't mocking dancing, and he's very good. I don't like the music or the dissolve and swirling transitions, though. Or the glitter. That's a lot of glitter.
- Amazon S3 and CloudFront with WordPress and DreamHost | .larre – This is quite a cool plugin. Not the quickest to set up with CloudFront, minifying, and combining, but worth the effort, even just for the hell of it.
- Girl quits her job on dry erase board, emails entire office – This is apparently fake, but a cute read anyway. I’d advise against airing dirty laundry like that, though.
I was fixing a webcomic issue on Greg’s blog, and I’ll be damned if from one minute to the next, it didn’t suffer from an index.php injection, too. This is weird as hell. A bunch of spurious content appeared on his homepage, although clicking through to those posts showed the correct content.
It may be time to look for alternative blagging software. Unfortunately, there are a lot of nice features that I use in WP.
I just found a creepy case of injection in my index.php file. I noticed this morning that my homepage was throwing a “headers already sent” message pointing to index.php, line 10 when it wasn’t cached by Supercache. A reload of the page cleaned it up. But my RSS feed (which currently goes through Feedburner) was also trashed, and /feed wasn’t redirecting. All with the same error. Disabling Supercache fixed the homepage warning, but not the feed.
Being PHP awesome, I checked index.php for trailing whitespace, and found this snippet of code above the standard WordPress code:
A few things to note:
- My SSH/bash history is complete and untouched. That is, I can see back for weeks, and all the commands are mine. So it doesn’t seem to be that sort of break-in.
- I just upgraded to WP 2.9.2 yesterday through the admin console. Likely culprit? Probably.
Can’t say for sure what it was, since I didn’t do more than a cursory check after I upgraded. The homepage would have been cached, so I wouldn’t have seen the warning there.
I suppose I should report this.