-
The hacker mindset
Is it just me, or does the pharese “adding third party gadgets to gmail” cry security vulnerability? I’ve read this posting from hackaddict, and it made me curious: just what can you do from a Google Gadget? A little googling around (no pun intended :-)) lead me to this presentation: Xploiting Google Gadgets: Gmalware and…
-
Measure twice…
Some time ago I was twiddling with my blog template, when I had the “great” idea of modifying the Google Analytics tracking code such that it checks the successful loading the external script before calling the logging function, to avoid generating errors when the script failed to load (because of NoScript, hosts file entry or…
-
Google Reader, Javascript and Flash
I had the idea some time ago to highlight the source code I post via Javascript. I gravitated towards this solution because I don’t have source level control of Blogger (or do I? ;-)). My thought process was the following: include one .js in each post, which will check if the customization was already done…
-
Creating a horizontal menu with jQuery
I’ve looked around on the net for something similar, but I couldn’t find it, so here is some quick code I’ve put together. Requirements: create a two-level horizontal menu. The menu will be on a separate page on the top frame (yes, frames are so ’90, but they can easily integrate multiple sites). Initially I…
-
Mixed links
First of a nifty tool for all of you (us?) people using RDP: Terminal Server Ping Tool. What’s even better, it’s written in Delphi and the full source code is available. Opera 9.5 is out, making problems with older versions obsolete. At the same time, via the the Think Vitamin website, Opera Dragonfly. This seems…
-
Possible problem with Opera and setTimeout / clearTimeout
I’ve not been able to reproduce this with the new 9.27 release, however I’m quite sure that it is an issue in 9.25: When you use setTimeout, you have two options: either passing a function reference or a string which gets eval-ed. In either case setTimeout is supposed to return an integer ID which can…
-
Google survey beta
So Blogger wanted to know my opinion. I happily clicked along to express my desire to be able to include syntax highlighted code easily. Five point question: what is wrong with the webpage below? Hint: how do I submit this thing? While the looks of the questionnaire were spartan (not like some people who feel…
-
Decoding obfuscated Javascript
SANS had recently a posting about methods to decode obfuscated Javascript, and I just wanted to mention 2+1 tools here: In Firefox you can use the View Source Chart extension to view the source after the javascript has executed. There is also the versatile Firebug, but IMHO that’s an overkill for this. For Internet Explorer…
-
Don’t claim that you have a revolutionary technology…
Unless you have done your research. I was listening to the latest CyberSpeak podcast yesterday (a very nice podcast by the way) and I heard the guy (Chad McMillan) who was being interviewed talking about a revolutionary new technology for identifying packed executables by signature which he will be presenting at BlackHat. I wonder how…
-
On javascript libraries
I did a little project for school which included the dojo.gfx library. Here are share some of the conclusions I arrived at. But first a disclaimer: INAJD (I’m Not A Javascript Developer). I dabble with it but I’m not a professional. Now back to our topic: Javascript libraries are huge. After including the dojo toolkit,…