Archive for March, 2008

Because Anonymous did everything

Someone linked me a news article on wired.com (Hackers Assault Epilepsy Patients via Computer). The article itself is quite shocking; this has nothing to do with hacking and everything to do with the most antisocial people you can imagine. But when you read this part:

 Circumstantial evidence suggests the attack was the work of members of Anonymous, an informal collective of griefers best known for their recent war on the Church of Scientology. The first flurry of posts on the epilepsy forum referenced the site EBaumsWorld, which is much hated by Anonymous. And forum members claim they found a message board thread -- since deleted -- planning the attack at 7chan.org, a group stronghold.

The article just lost its credibility. I understand it is useful to have an organisation to blame for everything that goes wrong on the internet, but this goes too far. The so-called "proof" is pure guessing: the thread has suddenly been deleted and it is claimed by some forum members. I just can't believe big sites like Wired fall for this junk.

My first line of Perl code

When browsing through my Perl folder, I came across my first line of code in Perl, written in 2006:

for($start="a";$start ne "zzz";$start++) { print $start."\n"}

I'm wondering now if I just copied that from some tutorial or actually wrote it myself :) .

Stopping comment spammers with Javascript

Recently randombase.com has been discovered by spammers; the comments were flooded with the classic viagra junk and the like. Since I hate CAPTCHAs for verification purposes (they annoy the users), I wrote a small JavaScript / PHP application. You need to know that spammers use automated software, which mostly just reads your HTML source, parses out the form data and sends the POST request to your server. There are no 'real' browser windows involved; to get an idea of how a spammer sees your site, check out Lynx. They cannot parse JavaScript, and that's where it gets easy: just add a dynamically generated, hidden form entry.

You could do this simply with a static piece of text, using code such as:

document.getElementById('commentForm').innerHTML += "<input type='hidden' value='nospammerskthxbye' name='nospam'>";
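
A dynamically generated variant of the hidden field with its server-side check, as an added example that is not the blog's own code. The field name `nospam` and form id `commentForm` come from the snippet above; `SECRET`, `MAX_AGE`, the function names and the sample submissions are assumptions made for the illustration.

```php
<?php
const SECRET  = 'replace-with-a-random-server-side-secret'; // placeholder value
const MAX_AGE = 3600;                                       // assumed lifetime in seconds

// Token = "<issue time>:<HMAC of issue time>", so the server stores nothing.
function make_token(int $now): string {
    return $now . ':' . hash_hmac('sha256', (string)$now, SECRET);
}

// Script emitted after the form: only a client that executes JavaScript
// ends up submitting the hidden field.
function render_script(string $token): string {
    $js = json_encode($token);
    return "<script>(function(){var i=document.createElement('input');"
         . "i.type='hidden';i.name='nospam';i.value=$js;"
         . "document.getElementById('commentForm').appendChild(i);})();</script>";
}

// Check on POST: field present, well-formed, MAC valid, not expired.
function token_ok(?string $token, int $now): bool {
    if ($token === null || substr_count($token, ':') !== 1) {
        return false;
    }
    [$ts, $mac] = explode(':', $token);
    if (preg_match('/^\d+$/', $ts) !== 1) {
        return false;
    }
    $age = $now - (int)$ts;
    return hash_equals(hash_hmac('sha256', $ts, SECRET), $mac)
        && $age >= 0 && $age <= MAX_AGE;
}

// Constructed sample submissions, evaluated against a fixed clock.
$now   = 1206000000;
$cases = [
    'browser with JS'    => make_token($now - 60),
    'bot, field missing' => null,
    'bot, static value'  => 'nospammerskthxbye',
    'stale token'        => make_token($now - 7200),
];
foreach ($cases as $label => $token) {
    printf("%-20s %s\n", $label, token_ok($token, $now) ? 'accept' : 'reject');
}
```

A client that does execute JavaScript passes this check, so it filters only the source-scraping bots the post describes.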


Modifying request_uri using mod_rewrite

This is a modified version of a forum post of mine, somewhere. This isn't actually a bug; it is more a sort of logical error, which allows you to bypass certain restrictions. I have to add that you might never even encounter this!

Apache has an extension called mod_rewrite. This extension allows webmasters to 'rewrite' their URLs to a more user-friendly version; ?strangevar=weirddata would become /vars/data.html, for example.

PHP has something which is directly modified by the URL: the predefined variable $_SERVER['REQUEST_URI']. This variable has a lot of different uses, but the one I am going to talk about is the case where it is used to prevent direct access to certain files. This is a commonly used method to block all kinds of exploits.

A (bad) example is this:

<?php
// Refuse to run when the requested URL names this file directly.
if (preg_match("/testing\.php/", $_SERVER['REQUEST_URI']))
{
    die("Don't do that.");
}
// Reached only when "testing.php" does not appear in REQUEST_URI.
print "Passed the test.";
?>

This would prevent people from accessing the file when it is not included in another one. The bad thing about this is when there is a .htaccess file in the same directory using this mod_rewrite configuration:

RewriteEngine on
RewriteRule ^([^/\.]+)\.html?$ $1\.php [L]

Thanks to this configuration, you can access testing.php simply under the URL testing.html. REQUEST_URI is directly modified by the mod_rewrite settings, thus passing unexpected data to the PHP script. Yes, this is extremely limited and might never be found in any live application; I didn't check any applications for it.
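
The URL-based check next to a check on the executing script, as an added example that is not code from the original post. The `$_SERVER` values are constructed to mirror what PHP receives for each request under the rewrite rule above (for /testing.html, REQUEST_URI holds no "testing.php"); the paths, the includer `index.php` and the function names are hypothetical.

```php
<?php
// The post's check: looks for the script name in REQUEST_URI.
function uri_guard_blocks(array $server): bool {
    return preg_match('/testing\.php/', $server['REQUEST_URI']) === 1;
}

// URL-independent check: is the protected file itself the entry script?
// Inside a real file this would be written as
//   realpath($_SERVER['SCRIPT_FILENAME']) === realpath(__FILE__)
function entry_guard_blocks(array $server, string $protectedFile): bool {
    return $server['SCRIPT_FILENAME'] === $protectedFile;
}

$protected = '/var/www/site/testing.php'; // hypothetical path

// Constructed requests: direct hit, the rewritten .html URL, legitimate include.
$requests = [
    'direct /testing.php' => [
        'REQUEST_URI'     => '/testing.php',
        'SCRIPT_FILENAME' => $protected,
    ],
    'rewritten /testing.html' => [
        'REQUEST_URI'     => '/testing.html',
        'SCRIPT_FILENAME' => $protected,   // the rewrite maps .html to .php
    ],
    'included by index.php' => [
        'REQUEST_URI'     => '/index.php',
        'SCRIPT_FILENAME' => '/var/www/site/index.php',
    ],
];

foreach ($requests as $label => $server) {
    printf(
        "%-26s uri guard: %-6s entry guard: %s\n",
        $label,
        uri_guard_blocks($server) ? 'block' : 'allow',
        entry_guard_blocks($server, $protected) ? 'block' : 'allow'
    );
}
```

Only the rewritten request separates the two checks: the URL guard allows it, while the entry-script guard blocks it and still allows the include.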

Searchme

It probably won't become any form of real competition to Google (if it did, Google would buy the company anyway..) but it's a cool concept, being able to preview the site you're surfing to! Searchme is an upcoming search engine that will finally try to do something new, something that gives us a reason to visit it. You can find their homepage here; make sure to check the video!

Microsoft Surface Video

Let's not break down Microsoft today; even though a lot of the functions are just 'little gadgets', it is a fun concept. If you have never heard of Microsoft Surface, check out this video. It's worth watching, and don't be distracted by the nervous employee. I can't wait to see the first 'Linux on Microsoft Surface' hack.

PerlForums.org

If Perl lacks something, it's a modern community, so here is a new project of RandomBase: PerlForums.org. We hope to attract lots of people to show the world Perl isn't dead and isn't as hard as everyone thinks; it is strongly aimed at new users and not only at the so-called experts. We invite everyone to join these forums, ask questions and become a part of the newly formed Perl community!

Portfolio

If I come to think of it, I have created lots of websites before. For other people or for my own, for free or for money. If you're interested in viewing a list of my latest work, feel free to visit my portfolio.

Wordpress plugins

Heck, if I had known writing plugins for Wordpress was so easy, I would have started doing it much earlier. It is 1. fun and 2. a good way to make money. Lots of people ask for custom plugins for their blogs, and pay nicely for them too!

Google’s latest victory

As we all know, Mr. Google is planning on taking over the internet. It is succeeding pretty well too, since it now owns one of the biggest ad servers: DoubleClick Inc. changed ownership for 'only' 3.1 billion dollars. Big changes? Nope, not for people who don't deal with these kinds of companies; the ads will be annoying as always. Google will start its own ad serving company: not AdSense but Ad Manager! Let's hope they don't screw up the CPM rates like they did with AdSense...
