Alierak
Below are the 10 most recent journal entries recorded in the "Alierak" journal:[<< Previous 10 entries]
|
08:40 am
[Link] | Stopped to take some pics in the middle of my 50-mile commute:
Current Mood:  chipper
Tags: photos
|
|
05:31 pm
[Link] | You may have noticed it's been a while since I posted anything here. There's a reason for that. In February I got busy participating in the Livejournal XSS Contest, where I learned a few javascript / CSS tricks and won three permanent accounts for my trouble. I keep wondering if I should finish writing up that experience, and how much detail to go into, so I've put off posting about anything else.
It bugs me that winners of the contest aren't publicly announced or credited, so it's not much of a contest. It also bugs me that I submitted four additional XSS vulnerabilities, three of which were never acknowledged and none of which have been fixed afaik. I don't think I ever received a fourth permanent account, either, and theoretically I might be due a total of seven. To "submit" a vulnerability, you send private email to Brad. Yeah. I suspect he puts them in the security queue in RT, but there's no way to check. Meanwhile permanent accounts have been losing value through LJ changes such as introducing ads, giving away paid features to ad-sponsored users, etc. So anyway, my trust in LJ hasn't been at its highest levels.
But given that my friend ![[info]](http://l-stat.livejournal.com/img/userinfo.gif?v=91.7) xb95 is going to be starting to work on LJ again, I figure it's probably all going to be okay. Now, what should I do with that half-formed post about my experience with the LJ XSS contest? Is four months enough to resort to public full disclosure, and do I dare toy with the ToS?
Poll #772865
LJ XSS disclosure
Open to: All, detailed results viewable to: All, participants: 13
How should alierak describe LJ XSS vulnerabilities that have been fixed?
View Answers
| in full detail |
   13 (100.0%) |
| in vague terms |
| 0 (0.0%) |
| not at all |
| 0 (0.0%) |
To whom should alierak describe LJ XSS vulnerabilities that have been fixed?
View Answers
| everyone |
| 8 (61.5%) |
| friends only |
| 5 (38.5%) |
| nobody |
| 0 (0.0%) |
How should alierak describe LJ XSS vulnerabilities that have not been fixed?
View Answers
| in full detail |
| 6 (54.5%) |
| in vague terms |
| 5 (45.5%) |
| not at all |
| 0 (0.0%) |
To whom should alierak describe LJ XSS vulnerabilities that have not been fixed?
View Answers
| everyone |
| 2 (15.4%) |
| friends only |
| 11 (84.6%) |
| nobody |
| 0 (0.0%) |
(Yup, this poll was brought to you by my upgraded account)
Tags: lj, toys
|
|
06:20 pm
[Link] |
my weight-loss diet
I've been meaning to finish this up and post it for a good while now. Despite the subject and time of year, this isn't a New Year's resolution post. I started my weight-loss diet in October and have pretty much reached the point where I can declare it a success and write about it in case it will help anyone else out there.
Why I started a diet:
Now that I'm doing it, of course, I can come up with all kinds of good reasons to stick with it, not the least of which is that I want to be sufficiently in shape to keep up with Will while he's crawling around the house. I want never to have to contemplate buying any larger size jeans. As a father, I want to be there for my son when he's my age and to set a good example for him. Et cetera. But apparently no reason of this type was enough to get me started.
Things changed sometime in mid-October when I stepped on my parents' digital scale to weigh first myself, and then myself + Will in order to get a reasonable estimate of his weight. I was shocked to see the scale read 213 before I even picked him up. I'd thought of myself as significantly overweight at 200 for the last year or so, remembered being uncomfortable at 180 when I gained 30 pounds back in college, but 213? Yikes! I must've been gaining a pound a week since we moved in August. That scale reading immediately scared me into eating less, and put me in the right frame of mind to start a diet for real.
Then, I ran across this Boing Boing post and started to read and follow The Hacker's Diet right away. With a name like that, how could it fail to get my attention? I'd never really dieted before, but what the heck. The guy went to all the trouble to write the book and put it on the web. It couldn't hurt to give it a read.
( How it works )
Results:
In the time since I bought the scale, I've definitely lost over 20 pounds (max reading = 196.5, most recent reading = 174.0). Extrapolating to the start of the diet, I must've started out around 205 or so and lost about 30 (my scale doesn't agree with my parents' scale due to the different time of day, amount of clothing, etc.). I've gone from tight 40-waist jeans to comfortable in a 36, and I fit into large t-shirts again as opposed to only XL. I'm breathing more easily and have lots more energy, partly due to exercising. The most unexpected effect is that I have my singing voice back! When I was eating more, and eating more fat, I often had the unpleasant sensation of gunk in my throat. (Though, as I'm finally about to post this, I'm eating 1800 calories a day and sometimes feeling the gunk).
Anyway, here are some nifty graphs. Note the calorie numbers for today are off because I haven't had dinner yet.
Current Mood: pleased
Tags: books, food, health
|
|
02:19 pm
[Link] |
end-of-spam reached
Ok, everyone can now feel free to continue signing up rmg@mit.edu for all those spam lists. The account no longer exists. The password for the nonexistent account, should you require it, is "a3nadotdie", a brief commentary on the account's status as cruft and a slight play on the hostname below.
% ssh athena.dialup.mit.edu
Received disconnect from 18.7.16.68: 15: You are not allowed to log in here: Unknown username
Does that strike anyone else as a bit of a security hole? I mean, giving away the validity of a username?
See also earthdragon's post.
Current Mood: amused
Tags: mit
|
|
12:31 pm
[Link] |
not a bad Friday the 13th
Let's see, I got stuck on one of the newer green line B trains for a while because the doors wouldn't shut / sensors failed to detect manual closing of the doors / train wouldn't move when it thought doors were open / driver had to reboot the train a couple times. After she was done yelling at her boss on the radio, at least, we got to blow through half the stops, but yesterday morning's bank errand ended up taking a total of about three hours. Meanwhile I forgot to call yakshaver and tell him I'd be late or get him to rescue me from the evil train.
Cow-orkers (ok, siderea) decided to deploy the new corporate website because "everything's been going so well today!", so I said to keep it away from me. They didn't; I pointed out that the deployment was going to break a bunch of unrelated sites. But hey, free champagne.
Later yakshaver and I went over to his place for hamburgers, and for the first time I got to play actual poker with real chips and cards against human opponents (incl. his housemate Dan who was a fellow Random back at MIT). Turns out I don't suck very much. We didn't play for money, just heaps of poker chips so it was all in good fun. I hadn't played with rebuys before (after you get knocked out, you grab a new stack of chips from the bank), and that made it harder to dominate the table. A player with a dwindling chip stack gets knocked out, and suddenly they've got significant leverage again. But I think I kept the lead the whole time.
I think if I'm going to play much real-world poker, I've got to learn to control my heart rate. On the first hand dealt, I ended up with a full house and was sure I'd give it away with the adrenaline rush.
Woot. It's raining out, and we're about to try to go see the Star Wars exhibit at the museum of science. Tomorrow it'll be colder and snowy, and maybe I'll want to do some outdoor tourism involving the freedom trail.
|
|
06:27 pm
[Link] |
travel plans
I'm flying to Boston in a few days to give some cluedumps at work. In case anyone there cares, I'll be flying up on the 10th and back on the 18th.
Current Mood: good
Tags: travel, work
|
|
11:33 pm
[Link] | esr writes:
If you are writing C, do feel free to use the full ANSI features -- including function prototypes, which will help you spot cross-module inconsistancies.
on the same page, esr also writes:
Run a spell-checker on them. If you look like you can't spell and don't care, people will assume your code is sloppy and careless too.
Mm hmm.
Tags: odd
|
|
08:55 am
[Link] |
Sounds about right to me...
This pretty much agrees with where I grew up and where I've lived for the past decade...
Your Linguistic Profile:
|
60% General American English |
20% Dixie |
20% Yankee |
0% Midwestern |
0% Upper Midwestern |
(via bluedaisy)
Tags: meme
|
|
09:14 pm
[Link] |
weird coincidence
Oh, yeah, forgot to post about this. After I went out and took my "long exposure" photochallenge shot (here), I was googling for info on the kinetic sculpture at Porter Square. Obviously the first hit was the MBTA website which had the info I wanted. But the second hit was some random guy's photo gallery, where I decided to look around. The guy lived off Somerville Ave at some point, between my apartment and the T station. Nothing out of the ordinary there, people who live near the sculpture take the occasional picture of it.
But imagine my surprise when, browsing his gallery, I found a picture of kareila and myself, taken in Portland, OR...
Tags: odd, photos
|
|
03:10 am
[Link] |
ok, I have a paper topic now...
... but I'm no less frustrated.
During the first days of his reign and for some time after, won't he smile in welcome at anyone he meets, saying that he's no tyrant, making all sorts of promises both in public and in private, freeing the people from debt, redistributing the land to them and to his followers, and pretending to be gracious and gentle to all?
He'd have to.
But I suppose that, when he has dealt with his exiled enemies by making peace with some and destroying others, so that all is quiet on that front, the first thing he does is to stir up a war, so that the people will continue to feel the need of a leader.
Probably so.
But also so that they'll become poor through having to pay war taxes, for that way they'll have to concern themselves with their daily needs and be less likely to plot against him.
Clearly.
Besides, if he suspects some people of having thoughts of freedom and not favoring his rule, can't he find a pretext for putting them at the mercy of the enemy in order to destroy them? And for all these reasons, isn't it necessary for a tyrant to be always stirring up war?
It is.
And because of this, isn't he all the more readily hated by the citizens?
Plato, on the natural and inevitable transition from democracy to tyranny in a city-state (Republic VIII 566d - 567b, dialogue between Socrates and Glaucon). He was describing a leader who "stirs up civil wars against the rich", on the theory that in a democracy the class of power-hungry idlers are likely to end up looting from the rich (organized wealth-seekers) in order to control everything. Power-hungry idlers are blindly followed by the class of indifferent idlers and attain majority support by using the resources of the rich to appeal to (and deceive) the working class. This doesn't quite map onto modern society, but it sure does have a familiar ring to it.
But of course, Plato didn't like democracy either. His ideal society is one where people are trained and assigned into roles early in life according to demonstrated aptitude, either philosopher-kings, auxiliary bureaucrats or guardians, or workers, and they attain happiness by doing what they're best suited for. It's supposed to have the justice knob turned way up. I think it suffers because it has the freedom knob turned way down. There is censorship and selective breeding. There is no voting.
And what about the [democratic] city's tolerance? Isn't it so completely lacking in small-mindedness that it utterly despises the things we took so seriously when we were founding our city, namely, that unless someone had transcendent natural gifts, he'd never become good unless he played the right games and followed a fine way of life from early childhood? Isn't it magnificent the way it tramples all this underfoot, by giving no thought to what someone was doing before he entered public life and by honoring him if only he tells them that he wishes the majority well?
Yes, it's altogether splendid! (558b)
Yes, splendid! Popularly elected leaders are inept nobodies whose only skill is demagoguery and who will probably gravitate toward tyranny. Yay! Splat.
Current Mood:  cold
Current Music: Paula Cole - Mississippi
Tags: mit, politics
|
[<< Previous 10 entries] |
|
