bernardelli’s posterous

Browsers must be lenient - but this is too much

Received wisdom has it that approximately 90% of the web would disappear behind error messages if browsers began to enforce standards. Hence browsers try to be very lenient when handling crappy mark-up.

Sounds innocent enough.

Unfortunately browsers are overdoing this leniency to a point where it becomes dangerous for all of us.

Consider this abridged snippet (taken from a real site):

</head>

<script language="Javascript">
All sorts of bad stuff going on here
</script>

<body>

Thanks to some really clumsy SQL injection, this script sits outside the DOM tree, between </head> and <body>. It should never run.

Well, here's the bad news: all browsers run the script.

The same goes for this beauty:

</body>
</html>
<script type="text/javascript">
Lengthy session-cookie sniffer goes here ...
</script>

Shouldn't run - but does. In ALL browsers.

Firefox goes as far as executing a script that sits before the DOCTYPE's public identifier:

<script type="text/javascript">

some grotty XSS

</script>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

Yup, you guessed it -- will run!
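A defensive check for the three cases above, as an added example that is not code from the post: a small Python scanner built on the standard library's html.parser (the class and function names are my own) that reports every script element sitting outside head and body, which is exactly where an injected payload hides from anyone who assumes the tree is well-formed.

```python
from html.parser import HTMLParser


class StrayScriptFinder(HTMLParser):
    def __init__(self):
        super().__init__()
        self.open = set()          # which of html/head/body are open now
        self.seen_doctype = False
        self.html_closed = False
        self.findings = []         # (line, where) per stray script

    def handle_decl(self, decl):
        if decl.lower().startswith("doctype"):
            self.seen_doctype = True

    def handle_starttag(self, tag, attrs):
        if tag in ("html", "head", "body"):
            self.open.add(tag)
        elif tag == "script" and not self.open & {"head", "body"}:
            line, _ = self.getpos()
            if self.html_closed:
                where = "after </html>"
            elif "html" not in self.open and not self.seen_doctype:
                where = "before the DOCTYPE"
            else:
                where = "outside <head> and <body>"
            self.findings.append((line, where))

    def handle_endtag(self, tag):
        self.open.discard(tag)
        if tag == "html":
            self.html_closed = True


def find_stray_scripts(html):
    """Return [(line, where), ...]; an empty list means nothing stray."""
    parser = StrayScriptFinder()
    parser.feed(html)
    parser.close()
    return parser.findings


# Constructed samples mirroring the post's three cases; the script
# bodies are placeholders, not payloads.
AFTER_HEAD = "<html><head></head>\n<script>/* x */</script>\n<body></body></html>"
AFTER_HTML = "<html><head></head><body></body></html>\n<script>/* x */</script>"
BEFORE_DOCTYPE = "<script>/* x */</script>\n<!DOCTYPE html>\n<html><body></body></html>"
CLEAN = "<!DOCTYPE html><html><head><script>1</script></head><body></body></html>"
```

Run it over stored content before it is served, or over a crawl of your own site, and treat any finding as a sign that untrusted input reached the page.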

Building browsers like that is akin to breeding human beings you can kill by stealing their shoe-laces.

It is the price we all pay so braindead Web Designers can get away with the bilge they call websites.

Filed under: browsers, security, web


WTF Debian? Let's get some sensible dependencies

OK folks, I am not a very happy camper at the moment. Thanks to some unbelievable stupidity on the part of whoever is responsible for packaging kernels at Debian, I had to re-install my system.

On Saturday a kernel update meandered its merry way from the repos and then didn't install because dpkg crapped out with a "disk full" error. The "disk" in question being sda1, aka my boot partition.

Never mind the fact that there was still nearly 100MB of free space, which should have been enough for a 70MB kernel image that was supposed to replace the previous image; the boot partition in question had also been sized according to Debian's very own suggestions during the original installation of the system.

An original installation, one must mention, that took place when kernel images already had reached their current bloated size.

A humble suggestion to the installer honchos: If the user is about to use a whole disk for "single-boot" install and said disk is hundreds of GB in size, why not make sda1 == 1GB instead of the current value of 350MB? I mean, future kernels will most probably not be smaller than current ones.

gParted Live-CD was no help. No matter which hoops I jumped through it just wouldn't grow the sda1 primary partition.

Quick decision: back up home and etc and install a new system with a new partition map.

Off to the Debian website and download Lenny aka Debian 5.0.3 as a net-install ISO.

Installation was the usual Debian yawn-fest up to the point where one has to decide which crap is to go on top of the basic system.

After previous bad experiences with selecting "desktop", which gives you "The full GNOME" complete with 4 versions of everything plus the kitchen sink, I opted out at that point and rebooted into the console, from which to install bits and pieces as wanted. Then came the time for CUPS ...

CUPS now depends on Samba. For no sane reason whatsoever. Don't want Samba? Can't have CUPS!

At the same time, sane dependencies such as foomatic and ghostscript don't exist for CUPS. You have to find those yourself. Which of course every noob will do by instinct ...

Next piece of crap - avahi. Who wants it? Nobody! Who uses it? Nobody! So why the fuck is it a hard dependency for the gnome-desktop-environment package?

Don't believe me? Try apt-get purge avahi and apt-get will tell you where to stick your freedom of choice. It's either GNOME with avahi or no GNOME at all.

Now here's a question: Why is there no package called e.g. "gnome-minimal" which gives you the panels and drawers plus a window manager and a minimalistic set of the most necessary applets, together with synaptic and a printing system?

The way things are at the moment the user has the choice between bloat and megabloat or a painstaking search for individual components.

And for fuck's sake take "treat recommendations as dependencies" out of the default settings of apt and its front ends.

Filed under: Debian, Linux


When idiocy meets the autopost feature

There's a dude on Twitter who seems to have become a bit desperate lately. He went from selling himself as an audio blogger to marketing himself as a link aggregator and now he's back to audio blogging.

A few days ago he discovered the autopost feature of several social media offerings he uses. The result is catastrophic, to say the least.

He posts by email to posterous which he has set to autopost to his Twitter, tumblr and Typepad accounts. With the latter two in turn also set to autopost to Twitter as well.

So now, every time he posts to posterous this results in a carpet-bombardment of his followers' timeline on Twitter, which of course is not particularly endearing.

Some months ago I wrote the following about FriendFeed:


After successfully fouling Facebook, MySpace, YouTube, Flickr, three to five topical blogs, a TumbleLog, Picasaweb and TwitPic with any possible form of imaginable garbage they then autopost the whole shebang to FriendFeed in one fell swoop, and FF obligingly organises it all with circular references.

Since the spammer's Facebook and MySpace accounts, the three to five blogs, YouTube, Flickr, Picasaweb and TwitPic are already interlinked via every possible incarnation of This_Or_The_Other_Burner plus Google SpamConnect, FriendFeed adds another reservoir of possibly misleading links for anybody searching on good old-fashioned search engines.

If the spam bloggers play their cards right, they can have dozens of seemingly unique URIs all referencing the same trash blog. Now if that ain't progress.


Boy was I right!

The above-mentioned Twitter user manages to gain three different-looking links from three different link-shorteners, all pointing at the same content, whenever he emails posterous.

Filed under: posterous, tumblr, twitter, web


Twitter Lists -- more grief

I already wrote that Twitter's new "Lists" feature is IMNSHO not exactly mindboggling. Here are more reasons why.

Twitter "Lists" are currently only available via the website, you cannot access them via Twitter's REST API. This of course puts the Lists at the mercy of the Twitter website's persistent scaling and data propagation problems.

Those problems are of course nothing new. You can actually set your clock by the appearance of the dreaded "FAIL WHALE". At 16:00 UTC on any given weekday, data on twitter.com goes completely out of whack. The differences between the website and the return formats you can access via the API are horrendous.

Currently - 16:44 UTC - the difference between friends_timeline.xml grabbed via the API, my favs "List" and /home on twitter.com is about 10 statuses. Perhaps Twitter should spend some more energy on solving basic design problems rather than rolling out new features.

Filed under: twitter, web


Twitter Lists -- just another waste of bandwidth

This week Twitter rolled out "Lists" to a limited number of users.

Described in simple terms said lists are subsets of a user's "friends timeline" and live in his/her path on Twitter.

Scoble, Mashable and the rest of the Web 2.0 gazers had a communal Twitgasm, like they always do when Twitter rolls out something new. In almost perfect unison they fired their usual salvoes of badly considered metaphors from the surplus stock at trashBay.

Hardly one of them did not use the term „killer feature“.

So much for the hype.

I beg everybody's pardon, but contrary to the self-anointed High Priests of The Church of Mashup I am totally underwhelmed by "Lists".

Twitter, you see, has a modestly dressed nerdy sister, named Identica. A micro-blogging service based on the open-source software Laconica. This service has for quite a while now had a feature called "groups".

While Twitter lists and Identica groups are not directly comparable the latter have certain features that Twitter should seriously consider introducing into "Lists".

So where do Twitter lists fail?

Shortcoming 1

You cannot link "Lists" to any meta-data. Hence, as opposed to Identica's "groups", a new user on Twitter cannot search for lists by keyword or tag.

Shortcoming 2

There is no short-tag for mentioning lists in tweets. Again Identica's implementation wins hands down. There you can use the "bang tag", which tells the system to automatically convert the mention into a hyperlink pointing at the group's page, where the user can read about the group and / or join it. It's as easy as prefixing the group's name with a bang, like so: !groupname

Even if Twitter considered implementing such a scheme, it would run into a problem caused by an unfortunate design decision.

Over on Identica the groupnames are in the global username namespace, which automatically puts a "unique" constraint on all groupnames. Twitter lists live in the individual user's namespace and uniqueness can only be guaranteed within this namespace jail. Therefore Twitter would have to jump through hoops in order to let users simply type !listname and have the system create a hyperlink pointing at a unique resource.

Once "Lists" are rolled out to the great unwashed, how many instances of "my_favs", "myfavs" or permutations thereof will pop up within hours of the launch? All just one fragile subdirectory away from polluting Twitter's global namespace.

Shortcoming 3

Twitter lists are exclusive "by invitation only" one-way streets, while Identica's groups are open and inviting, i.e. inclusive. You don't follow groups, you join them. Groups thereby encourage interaction, a quality that Twitter lists lack badly.

Let us also not forget the "hidden meta-data". "Lists" tell the observer that somebody thought that the people on said list were somehow "more equal" than the rest of the plebs on his/her "friends timeline", but not exactly why. Enter from stage right "perceived values" -- see below.

The membership list of a group on Identica tells you that those people share a clearly stated common interest and that they went to the trouble of finding that group and joining it. Simple, easy, grep-able.

Summary

Twitter "Lists" are not worth the hubbub that Scoble et al make about them and they are most certainly not a "killer feature".

Twitter has quickly evolved into a marketplace of shallow vanities where "interaction" is not necessarily the name of the game. Hence it is to be feared that "most listed" or "listed by X" will soon become badges like "most followed". Utterly meaningless, but endowed with a totally artificial perceived value driven by hype.

„Wow, I just got shortlisted by @Celebrity.“ Just wait and see -- those tweets will come.

In their current implementation "Lists" are not much more than a bandwidth-intensive wrapper around those mindless #FollowFriday tweets made up of chained @mentions without any meta-data. They also duplicate functionality already built into a number of desktop clients.

There's nothing here. Let's move on.

Filed under: identica, twitter, web


The new IE 6 Logo

Just my .02 to show what I think of IE 6 from a developer's point of view.


Why can't those morons read the man page

Even though I work with bash every day I would not claim to be an expert or guru. Hence I am always willing to improve my knowledge and often follow links at public bookmarking sites that offer to enlighten the reader on certain aspects of usage.

Sometimes you find real gems at the endpoints of such links. At other times you land right in the middle of Ubuntard AdSense Gagaland.

Today I followed a link which turned out to be of the latter type. It took me to the site of some lobotomized AdSense Crofter who delivered himself of the wisdom that: "Bash does not support C-style for loops."

What utter bilge!

The following is an excerpt from bash's own man page:


for (( expr1 ; expr2 ; expr3 )) ; do list ; done

First, the arithmetic expression expr1 is evaluated according to the rules described below under ARITHMETIC EVALUATION. The arithmetic expression expr2 is then evaluated repeatedly until it evaluates to zero. Each time expr2 evaluates to a non-zero value, list is executed and the arithmetic expression expr3 is evaluated. If any expression is omitted, it behaves as if it evaluates to 1. The return value is the exit status of the last command in list that is executed, or false if any of the expressions is invalid.

Does that describe a C-style for loop or not?

Like most crap artists from AdSense Gagaland the above-mentioned moron has comment moderation enabled and his comment section only contains lick-spittle praise from people even more moronic than him.

Well, you now know that bash has C-style for loops. Enjoy!

Some words of caution: Bash is an interpreted language and consequently a bash script will always be considerably slower than a compiled program. Use any form of iteration, such as the for loop described above, sparingly, especially when every iteration spawns one or more subprocesses. You may of course be in the habit of taking long walks while your machine chews through scripts - well, then loop away to your heart's content.
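As an added example (not from the post; the function names are my own), a bash script that exercises the rules in the man page excerpt above: a plain counted loop, the omitted-expression case, the exit status of the loop as a whole, and, for the caution just given, a variant that forks a subshell on every iteration.

```bash
#!/usr/bin/env bash
# The (( )) loop is bash-specific; re-exec under bash if run by plain sh.
[ -n "$BASH_VERSION" ] || exec bash "$0" "$@"

# Plain counted loop using shell-internal arithmetic only: no subprocess
# is spawned per iteration, so thousands of rounds are still cheap.
sum_range() {
    local a=$1 b=$2 i total=0
    for (( i = a; i <= b; i++ )); do
        (( total += i ))
    done
    printf '%d\n' "$total"
}

# "If any expression is omitted, it behaves as if it evaluates to 1":
# with expr2 left out the loop never ends on its own, so the body must
# break. Returns the first power of two that is >= n.
pow2_at_least() {
    local n=$1 p
    for (( p = 1; ; p *= 2 )); do
        (( p >= n )) && break
    done
    printf '%d\n' "$p"
}

# "The return value is the exit status of the last command in list":
# the final iteration runs (( 2 % 2 )), which is 0 and therefore false,
# so the loop, and with it this function, reports failure (status 1).
loop_status() {
    local i
    for (( i = 0; i < 3; i++ )); do
        (( i % 2 ))
    done
}

# The post's caution made visible: this version forks a subshell on
# every round via $( ... ). Compare `time sum_range 1 20000` with
# `time sum_range_forking 1 20000`.
sum_range_forking() {
    local a=$1 b=$2 i total=0
    for (( i = a; i <= b; i++ )); do
        total=$(printf '%d' $(( total + i )))
    done
    printf '%d\n' "$total"
}
```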

Filed under: bash, Linux


Eyecandy for The Text Pistols

My friends_timeline from identi.ca as pulled in with curl and processed by xmlstarlet - displayed on a gnome-terminal with semi-transparent background.

As the title says ...


Spacechess

This is one of my attempts at creating stuff with POV Ray.


Placeholder

While I get myself acquainted with this service you will have to make do with this boring message.
