On my personal blog, on a post about the Melbourne public transport smartcard Myki, this comment popped into the moderation queue:
I found another very uefsul behaviour this morning.I don’t touch off when I get home at night. While, this seems weird how do they know I got off in Zone 1 (for which I have a pass) and didn’t travel into Zone 2 (for which I should be charged Money)? But, the fare manual says that if you have a MyKi Pass and you touch on in a zone for which that pass is valid (Parliament in my case) then there is no default fair.So, every morning when I touch on, it tells me deducting fare for previous trip . Which is $0.00. Cool.This morning I forgot to touch on some power issues on our line, got to chatting with the Station Hosts, just forgot. When I got to Parliament, I fully expected the gates to deny me egress and I’d have to do the silly thing where you act exasperated and they just wave you through the end gate even though you’re holding nothing but a wallet in your hand (MyKi works while in the wallet).BUT, it let me through. Seems that it’s happy enough that I started a trip (at Parliament) last night, spent 16 hours travelling and ended my trip back where I started. So it let me out basically a touch off of the trip home last night.Bizarre. But uefsul.
At first glance, it looked on-topic. But I was suspicious because the user link was to facebook.com/profile.php?id=XYZ (I’ve removed the ID) — and it came in the middle of a bunch of other (less-relevant) comments linking to similar URLs.
Googling around for key words in the comment, I found that it’s a copy of a comment from a completely different blog, with various misspellings inserted, and paragraph breaks removed. The original:
I found another very useful behaviour this morning.
I don’t touch off when I get home at night. While, this seems weird – how do they know I got off in Zone 1 (for which I have a pass) and didn’t travel into Zone 2 (for which I should be charged Money)? But, the fare manual says that if you have a MyKi Pass and you touch on in a zone for which that pass is valid (Parliament in my case) then there is no default fair.
So, every morning when I touch on, it tells me “deducting fare for previous trip”. Which is $0.00. Cool.
This morning I forgot to touch on – some power issues on our line, got to chatting with the Station Hosts, just forgot. When I got to Parliament, I fully expected the gates to deny me egress and I’d have to do the silly thing where you act exasperated and they just wave you through the end gate even though you’re holding nothing but a wallet in your hand (MyKi works while in the wallet).
BUT, it let me through. Seems that it’s happy enough that I started a trip (at Parliament) last night, spent 16 hours travelling and ended my trip back where I started. So it let me out – basically a touch off of the trip home last night.
Bizarre. But useful.
It seems the spammers are trying to get a bit more clever at sneaking their comment posts past moderators.
I still don’t know why, given WordPress has used NoFollow on their comment links for about ten years now.
Interesting read: How to Protect Yourself from NSA Attacks on 1024-bit DH
TL;DR: 1024 bit DH keys can be broken, so you should configure your browser not to support them in SSL/TLS.
Subject line: “You’ve been added as a contact on Cotap”
Email text: “Cotap is a secure texting app for teams. View the [company name] directory. [link]
“Are you using WhatsApp, GroupMe, or iMessage to text your coworkers? See why Cotap is better for work.”
Yeah, no, this is spam, and it sounds like quite a few people are getting them.
Cotap was formed by former Yammer people… there’s speculation that when they left Yammer, they took a copy of the Yammer email list with them.
In any case, don’t fall for their trap. Don’t do business with spammers.
In fact, why on earth would you trust your business messaging to spammers?
I don’t know how much bandwidth Twitter’s new autoplay videos are burning up, but fortunately it can be turned off.
Just… just… wrong. So wrong.
Firstly, note the error message “Enter a valid email addresss”. Where, pray tell, ought I do this? Why do I need to upload any attachment again? Why do I have to prove I’m a human time-after-time, when all I’m doing is wrestling with your completely broken attempt at a web form?
Have they noticed that no-one is submitting help requests via this form, what with its refusal to accept said requests?
Dear Flickr: stop sucking balls.
I couldn’t find anyone extracting out the geolocation geotagging EXIF data from their photographs so they could pull it up on something like Google Maps. There are stand-alone programs with embedded maps, but the bits and bobs lying around on the average system ought to be enough to just generate a URL to a mapping website. The following bash script echoes the URL that geolocates your JPEG. Because my camera doesn’t emit it, I couldn’t be bothered dealing with the seconds part of a location, but I did detect that you don’t have a camera the same as mine. Drop a line if you’ve used this and fixed it.
# emit a hyperlink to google maps for the location of a photograph
Seconds=`exif -m --ifd=GPS --tag=0x02 $1 | grep -oP "[\d|\d\.]+$"`
if (( $Seconds=='0' ))
Seconds=`exif -m --ifd=GPS --tag=0x04 $1 | grep -oP "[\d|\d\.]+$"`
if (( $Seconds!='0' ))
echo "Script does not support seconds being specified"
echo -n "https://maps.google.com.au/?q="
declare NorthSouth=`exif -m --ifd=GPS --tag=0x01 $1`
if [ "$NorthSouth" == "S" ]
echo -n "-"
echo -n `exif -m --ifd=GPS --tag=0x02 $1 | grep -oP "^[\d|\d\.]+"`
echo -n "%20"
echo -n `exif -m --ifd=GPS --tag=0x02 $1 | grep -oP "(?<= )[\d|\d\.]+,"`
declare EastWest=`exif -m --ifd=GPS --tag=0x03 $1`
if [ "$EastWest" == "W" ]
echo -n "-"
echo -n `exif -m --ifd=GPS --tag=0x04 $1 | grep -oP "^[\d|\d\.]+"`
echo -n "%20"
echo -n `exif -m --ifd=GPS --tag=0x04 $1 | grep -oP "(?<= )[\d|\d\.]+(?=,)"`
Anybody else get this warning?
This article has some more detail — it appears to have only affected GMail mobile/iPad apps.
I’ve checked — nothing seems to have accidentally fallen into the Bin/Trash or Spam folders.
Just goes to show, even GMail/Google ain’t perfect.
I’ve had periodic problems with Google Chrome on Windows (Version 32.0.1700.102 m, but this has also happened occasionally in the past); sometimes it will refuse to copy the address bar.
Instead of copying, it will clear the clipboard.
Copying from other places, such as a web page (content or using Right-click / Copy Link Address) works fine.
Not sure if it’s an environmental issue — only seems to happen on my work machine; I haven’t seen the same at home.
Blogging it here because I can’t see any mentions of it online (which might be because it’s just me). Will post back if I find the solution.
Update 2014-01-31: I uninstalled and reinstalled Chrome… it seems to work again, for now.
Update 2014-02-05: The problem seems to have come back. Very odd.
Update 2014-02-20: Some old posts on a related problem seemed to suggest it might be a Chrome Extension causing issues, so I removed all of mine. The problem seems to still be intermittently occurring.
Postscript: As per the comments, if you have Remote Desktop running, try shutting it down.
For years now I’ve been… less than impressed with the ANZ bank’s concept of how a secure banking website should work. Finally they’ve taken steps to harden their site. They’ve introduced “secret questions”, like “who was your best friend in high school”, “what’s your partner’s nickname” and “what’s your nickname for your youngest child”. At last, my money is now safe from thieves who will never guess that my my partner’s nickname is Cathy, my best friend in High School was Robert, and my youngest’s nickname is Marky. Oh, darn! I accidentally disclosed the answers to those secret questions! It’s as if that information would be widely available to any thief who took the time to look me up on Facebook (don’t bother, I’m not on Facebook).
Because in providing answers to these questions the security on my account was going up, not down, I couldn’t possibly be allowed to opt-out, with dire warnings about being liable for losses if someone found out the answers. To these most basic of questions.
Most other banks have implemented two-factor authentication. Even G-mail has two-factor authentication. But not the ANZ, they’ve stepped things up a notch. They’ve eschewed two-factor, and gone for “You’ll never guess the name of my pet, which I post on Facebook all day long”.
So I took my standard defensive action: attack surface reduction and target-value minimisation. To reduce the attack surface, for each answer I mashed the keyboard – so thieves, remember my first Primary School was in the suburb of pwofkmvosffslkdflsifcmmsmclsefscdsfpsdfpefsdflsd, or something. To minimise the value of the target, I swept all the funds out of the account. What’s wrong the the technique of establishing identity by the production and examination of 100 points of identifying documents? Why do I need to have a favourite colour?
Cathy worked for the ANZ until recently, and the day she received her final paypacket she shut the account. Hated their account with a passion, but the ANZ is incapable of paying their employees through anything other than an ANZ account. Because, you know, banking is hard.
Atwood: Yeah, I was going through my blog…
Spolsky: It seems like half of all sites would be broken.
So, I need finer granularity of control. Part one is RequestPolicy for FireFox, similar to which (but not as fine-grained) is Cross-Domain Request Filter for Chrome.
Anyway, here’s the base configuration for my browsers these days:
Tell us what you think! DoNotReply@example.com
It doesn’t really work like that.
G Reader shuts down in a week.
I’ve been trying Feedly, but and have been trying to love it, but it’s annoying in a couple of significant ways.
Firstly, after clicking on a feed, I want to use the cursor down or Page Down key to move through the items in that feed. Unlike G Reader, Feedly doesn’t put the focus in the right place. Drives me up the wall.
Secondly, it’s embedding itself in multiple places in Chrome. First it put an icon of itself in the bottom-right of every browser tab (which even shows up in print outs, would you believe?)… and just in the last few days it’s started creating its own tab, which doesn’t even have a close icon on it. Is this conceited or what?
Frankly this does not bode well for my future with Feedly, if they’re going to take liberties like this.
Perhaps it’s time to look at alternatives — even if they don’t have accompanying smartphone/iPad apps.
Anybody tried The Old Reader?
Any other good ones which are as close to Google Reader as possible?