Slashback: Pie, Election, Alarm 158
Does he feel like Reese Witherspoon? Joe 'Zonker' Brockmeier writes "After many years of trying, Branden Robinson has finally won the Debian Project Leader election. Linux Magazine has an in-depth interview with Robinson about his plans as DPL, the problems that face Debian, and what it's like to finally win the election."
(We mentioned Robinson's election a few days ago.)
In lieu of perfection, fixability is a good start. gyardley writes "After discovering that a company called United Virtualities was making use of Flash's Local Shared Objects to silently restore my deleted cookies, I decided to combat this marketer behavior with a Firefox extension.
Objection 0.1 adds a 'Local Shared Objects' line to Firefox's Options > Privacy panel, allowing you to delete them as easily as you'd delete cookies. It's still pretty rudimentary - all or nothing deletion, working on Windows only - but Slashdotters are more than welcome to improve it. Since Local Shared Objects have the same functionality as cookies, we need the same amount of control over them as we do over cookies - and built into the browser, not tucked away in some obscure Macromedia page."
Sure, come on in, there's still some punch and snacks left, I think. orv writes "The Unichrome project has issued a response to VIA's recent open source announcement covered on Slashdot.
The response (and further comment) clarifies the current Unichrome driver situation and whilst welcoming VIA's move suggests that VIA should become more involved in existing open source projects rather than simply issuing repeated grand sounding press releases. The Unichrome project has provided and supported a full open source driver, including MPEG support, for the Unichrome and Unichrome Pro chipsets for the past two years."
But this implies that 'perky' is the desired state. dhalsim2 writes "Yahoo reports of a Smart Alarm Clock Set for Perky Wakeups. On the heels of Clocky comes this new alarm clock that will monitor a sleeper's brain waves to determine the best time to wake him up. The device uses a microprocessor within a headband that wirelessly transmits brainwaves to the clock. When the person is in a light sleep and is likely to wake up 'perky,' the alarm will go off. Brain wave monitoring? Sounds a lot like Plankton's Plan Z."
Broken Link (Score:4, Informative)
http://unichrome.sourceforge.net/ [sourceforge.net]
Re:Uhhhh (Score:5, Informative)
Cookie Madness (Score:5, Informative)
"Disable cookies on all images that are being pulled from another domain."
That is, if a web page grabs an image from another domain (a banner, pixel, etc.) then pull it but don't send any of the cookie information for that image.
I mean isn't that the way that most developers track access across websites? You put a one-pixel image and set the cookie through there. Then by reading the http_refer, you know where they've been and associate it to a single user. To track across sites though, this pixel is usually on a separate domain than the site being accessed.
By the way, I originally thought to disable cookies on all images but realized some servers may do security checking via cookies before sending an image. But there is very little legitimate use for sending cookies on images that are outside the domain.
Also, the same could be said of ANYTHING that is pulled off a different domain including scripts, css, etc. If it is on the same domain, send the cookies. If not, then make the request but don't send the cookies.
I would say precious few sites would depend on this behavior and it shouldn't break anything except for the tracking (which we want to break). Not saying that a site couldn't be made to break on this but I can't think of many reasons why a site would.
By the way, I think cookies are great for the most part. SlashDot uses them, I use them, anything with a login (mostly) uses them. I find it humorous when people insist that cookies are evil and you shouldn't have a single one. You can just as easily fake a cookie for a session by sticking an ID in the URL which, personally, I think is worse. Now your personally identifying tracker is available for all to see.
Best. Alarm Clock. Ever! (Score:5, Informative)
You don't need to bookmark the Macromedia page... (Score:2, Informative)
(Actually, I find it more disturbing that a Flash object in a web page could access a local webcam or microphone. Has anyone seen this capability in use?)
Thanks to "bigtallmofo" for bringing this to our attention in the previous YRO article. Who knew?
Alarm clocks (Score:4, Informative)
This may beat the 90-minute rule.
Sleep cycles are about 90 minutes long, so setting the alarm at a 90-minute interval from when you fall asleep will make it more likely that you'll wake up on the high side of sleep, and more likely that you'll feel refreshed. The rule fails if something disturbs your sleep pattern, though, which is where this device (if it exists) would be better.
Re:The whole PIE thing really bugs me (Score:3, Informative)
Flash bypassing cookie protections (Score:5, Informative)
I find it easier just to use the Flashblock extension. In the (very rare) event I need to run a Flash display, I just click the play button.
Re:Best. Alarm Clock. Ever! (Score:2, Informative)
Re:The whole PIE thing really bugs me (Score:2, Informative)
Re:Sarge and Ubantu comparison (Score:3, Informative)
Xorg (I bought an NVIDIA card just to use its new features). Fading and transparacy is awesome.
Much better art.
Community
Newer version of GTKPod.
Re:Wakeup watch... (Score:1, Informative)
Re:The whole PIE thing really bugs me (Score:3, Informative)
And it's tied to the domain of the site placing it, not the IP. Many sites have an image from the ad trackers (a single, invisible pixel, aka web bug) for placing the cookie. Those images can also be in e-mails that are rendered as HTML (look below the final </html> in the message source, they're commonly there)
Re:The whole PIE thing really bugs me (Score:3, Informative)
Because the standard HTTP authentication mechanism is a bit
The standard, most widely supported 'Basic' version makes the browser send the username and password in plaintext on every page request. Okay, without SSL, any login mechanism will transmit the password at least once, but 'Basic' makes it a bit too easy for packet sniffers and the like.
Also, a bit more seriously, there's no standard way of getting the browser to clear its cached username and password beyond quitting the browser completely. It's as if someone entirely forgot that part of the standard, and thus it's a bit annoying.
Cookies are a useful side-route around these problems; I rewrote my standard login system thingy recently to use a cookie containing a username and a long 'hash' string - the password is only transmitted once, then that login session is tied to a specific IP address (or rather, range of addresses to take account of multiple proxy servers and similar). It's hardly hyper-secure, but it's an improvement, and it's far easier to do with cookies than with any standard HTTP authentication.
I do agree that cookies are horribly overused. I only ever set them when I absolutely need to store information client-side (and then it's only ever a reference to stuff stored in a database on the server) - other programmers seem to set as many cookies as they can, in the hope that some might be useful...