Finally: mod_auth_token Apache module. This is supposedly similar to LIGHTTPD's mod_secdownload. I think this will keep me from switching to LIGHTTPD as a web server. The way I'm handling it now is a bit convoluted (although I'm sort of glad I got it to work.) The issue is that you want your application logic (PHP for me) to do authentication, but you don't want it to serve large binary files (with fpassthru or whatever) because that is really inefficient compared to just having Apache do it (without PHP.) This takes care of the problem by allowing you to generate a token in PHP (an md5 of the current timestamp and a 'secret') and then pass this token to Apache along with the file request. If the timestamp is new enough Apache will serve the file. I'm doing a similar thing by hand now - keeping the files outside the web root and then creating symlinks with PHP which I then erase on subsequent requests to the system. It works fine, but makes for some complex code that mod_auth_token will greatly simplify.
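The token scheme described above, sketched from both sides as an added example (not code from this post or from the module). The secret, URL prefix, lifetime and URL layout are assumptions made for the sketch, and it also binds the file path into the hash so a token issued for one file cannot be reused for another.

```php
<?php
// Constructed values for this sketch: secret, prefix and lifetime are hypothetical.
const SECRET  = 'example-shared-secret';
const PREFIX  = '/downloads/';
const MAX_AGE = 60; // seconds a generated link stays valid

// Application side: call only after the user has been authenticated.
function make_url(string $relPath, int $now): string {
    $hexTime = dechex($now);
    $token   = md5(SECRET . $relPath . $hexTime);
    return PREFIX . $token . '/' . $hexTime . $relPath;
}

// Server side: the check made before the file is handed to the client.
// Returns the relative path to serve, or null when the request is rejected.
function check_url(string $url, int $now): ?string {
    if (strncmp($url, PREFIX, strlen(PREFIX)) !== 0) {
        return null;
    }
    $parts = explode('/', substr($url, strlen(PREFIX)), 3);
    if (count($parts) !== 3) {
        return null;
    }
    [$token, $hexTime, $rest] = $parts;
    if (!ctype_xdigit($hexTime) || strlen($hexTime) > 8) {
        return null; // timestamp field is not a sane hex value
    }
    $issued = hexdec($hexTime);
    if ($issued > $now || $now - $issued > MAX_AGE) {
        return null; // issued in the future, or too old
    }
    $relPath  = '/' . $rest;
    $expected = md5(SECRET . $relPath . $hexTime);
    // hash_equals compares in constant time, so the token cannot be guessed byte by byte.
    return hash_equals($expected, $token) ? $relPath : null;
}

$t0  = 1700000000; // constructed timestamp
$url = make_url('/music/track01.mp3', $t0);
var_dump(check_url($url, $t0 + 10));                                    // fresh link
var_dump(check_url($url, $t0 + 3600));                                  // same link an hour later
var_dump(check_url(str_replace('track01', 'track02', $url), $t0 + 10)); // path swapped
```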
Now my only module wish is something to throttle traffic (I use mod_cband now since I'm running Apache 2) but allow for certain file extensions (or maybe all files served from specified directories) to burst to x kb/s for the first n bytes of the file. In other words, I'd like to be able to specify a max kb/s on a per virtual host basis (mod_cband does this perfectly,) but then to further allow for that limit to be bypassed for the first x bytes of particular files. The point is to facilitate fast and stutter free streaming starts. Maybe you would throttle bandwidth at 1 mb/s for a virtual host, but for .mp3 files you have it burst to 3 mb/s for the first 100 kb of the file (and then slow down to 1 mb/s for the rest of the file.)
Maybe I'll try to get in touch with the mod_cband guy. A little bit arcane, but I think people would like it.
Interesting, super geeky look at BigTable, Google's in house developed storage framework.
Lots of mainstream press stories about a remote root exploit in Apple wireless drivers. Seems like there is some truth here, and also a little bit of confusion. First off, this isn't just about Macs - the hacker duo demonstrating the exploit say it works against most wireless drivers on any platform. And secondly, they didn't actually demonstrate the exploit against the shipping Apple wireless drivers - they demonstrated it against a 3rd party wireless card (not the shipping Airport card) running 3rd party drivers. Color me unimpressed there. However, they say that it works against Apple's card and driver as well. I guess we'll have to wait for confirmation on that. And thirdly, the vulnerability can be fixed with one click in system preferences. I am still trying to figure out if new systems ship in an exploitable state, or if this "feature" is off by default. In any case, to protect yourself you just need to set Airport to only search and join known wireless networks automatically (instead of just joining any open wireless network within range.)
To do this, open System Preferences. Click on Networking. In Networking set 'Show:' to Airport, and on that screen set 'By default, join:' to 'Preferred Networks' (not 'Automatic'.)
Mod_ext_filter is an Apache 2.0 module that pipes about-to-be-served content through an external filter before sending it to the client. The filter can be any command line program that reads from stdin and writes to stdout.
This is the first time it has been an advantage for me to be running Apache 2 instead of 1.3 (where this module is not available.) I need to serve downsampled mp3s, and I don't have the room to cache them, so I'm going to try to do it on the fly using mod_ext_filter to send them through LAME. I think I can do this in better than real time, but I'm not totally sure. I might theoretically need up to 10 simultaneous downsamplings (re-encodings) at once. We'll see if the server is up to it.
Verizon just launched the Samsung A990. It has a 3.2 megapixel camera (finally!) with an auto-focus lens (finally!). Still, it's always possible they screwed it up somehow - I haven't seen an actual image yet - but this looks good. It's also EV-DO (high speed data), has bluetooth, and a nice big screen. Possibly a tad on the large size, but doesn't look too bad. Unfortunately it's pretty expensive for a non smartphone - $349 with a two year contract (and that's after a $50 mail in rebate.)
Other than the price this looks like the one to get if you can't wait for the ultimate sweetness that will be the Nokia N73 (also 3.2 megapixels with auto-focus Zeiss lens.) Finally the good cameraphones have begun to launch. I'll have to dust off the email to blog picture posting bridge.
Why is the delay so long from announcement to launch here in the U.S.?
Just putting this here so I can find it in the future. Universal power outlet adapter. Seems like the one to get if you travel overseas a lot.
Lots of nice free open source web page designs at Open Source Templates. Great resource.
Mapulator is a mashup of the traceroute utility and google maps. Traceroute, for the non geeks, is a command line program that takes a destination URI or an IP address and outputs a list of all the IP addresses that a packet passes through on its way from the source (your computer) to the supplied destination. Mapulator does this as well, but instead of giving you a list of IPs, it geo-locates the IPs and plots them on google maps so you get a visual of the route.
Very interesting. For instance, right now, data between my computer (in NYC) and tulip (in California) is going through France. Data between my computer and ash (also in NYC) is going through Kansas and North Carolina.
Wow. Impressive dhtml painting application. This AJAX stuff is getting really sophisticated. Well, okay, that isn't actually sophisticated at all compared to a stand alone program like Illustrator, but because this wasn't possible to do on the web a short time ago (without using Flash that is, or a java applet,) it's pretty cool. Notice your drawing is being recorded on the right, and you can press play at any time and it will recreate your drawing over time.
Personally I'm not very interested in making drawing applications, and I don't want to use these techniques at all for creating publicly facing web pages (mostly because I like to always think about supporting small wireless devices where this stuff isn't going to work well.) But for administrative, and other behind the scenes pages, AJAX allows for some serious improvements.
I'm going to work with the dojo toolkit. Here's the general wikipedia page for Ajax:
Ajax, shorthand for Asynchronous JavaScript and XML, is a Web development technique for creating interactive web applications. The intent is to make web pages feel more responsive by exchanging small amounts of data with the server behind the scenes, so that the entire web page does not have to be reloaded each time the user makes a change. This is meant to increase the web page's interactivity, speed, and usability.
First post from the treo 700p. Pretty nice.