Schinckel.net

LMAO!

The new Mitcham Square shopping centre has (kind-of) opened. It’s all very new and clean, and has quite a few shops. The cinema hasn’t opened yet, but it will be nice when it does. No more treks down to Marion to go to the movies. I hate that place. I went into Mitcham Square today to go to the supermarket. The carpark isn’t quite complete, meaning finding a park, and driving around at all was kind of difficult. At least I did find one fairly close to the entrance. Once I went up the escalator ramp, I was in the new place. As soon as I stepped out onto the shiny tiles, I nearly slid on may arse. That floor is very slippery. Old people beware. I wandered around and found the Foodland. Classy new supermarket building; RFID (I assume) price tags on the shelves. That is, no printed labels with prices, but all little LCD screens. Now, I’m all for modern technology that improves our lives, but I have some issues with this particular instance. Firstly, the tags are smaller than regular price labels, and because there is no backlight, you actually need to move in quite close to see the price. And I have good eyesight! Half of the tags had scrolling text ($1.99; Normally $3.99, Save $2.00!), although admittedly the current price was always visible. But small. Secondly, here in (South?) Australia, we have a special Code of Conduct for Electronic Registers. That is, if you purchase an item, and the register records the price as higher than the one written on the shelf, you get the item free. (If you purchased more than one, only the first is free, the remainder are at the lower price!). This is all well and good, but what’s to stop the electronic shelf tag being networked in, and price updated automatically? I’d personally suspect they aren’t (lots of tags -> lots of IP addresses, even inside a private IP range). So, I’d suspect there are programmers that need to be held near the tag to update the price. Okay then, I want one of those. I’d go around changing the prices, and bingo! Everything for free. • My final whinge is against another shop there. I walked up the escalator (yes, they aren’t there to just stand still on!), and thought “Oh cool. An Illy.” However, that sign was misleading. Apparently it isn’t a proper Illy cafe, just sells Illy brand coffee. Except that the Illy sign is more visible (especially when coming up the way I did) than the name of the cafe.

Howard heart-attack email carries virus :: Hack In The Box :: Keeping Knowledge Free What a shame it isn’t true… Anyway, I did some digging, and this is what happens: The site listed pushes you to a couple of other pages, via framesets. Then, there is a clever JavaScript which decrypts another script, this time written in VBScript. This script downloads, and executes, a Windows executable. Which apparently is a nasty piece of work. The clever parts are these: The method of encrypting the JavaScript. It uses a simple replacement method to take a string, which appears meaningless, and return it to a plaintext. Nothing too hard here, except it’s a somewhat complex algorithm to get that far. If you are interested:

    function makemelaugh(x) { 
        var l = x.length, b = 1024, i, j, r, p = 0, s = 0, w = 0, 
            t = Array(63, 16, 44, 51, 25, 37, 46, 62, 8, 18, 0, 0, 0, 0, 0, 0, 45, 28, 13, 4, 
                      30, 31, 48, 12, 21, 60, 47, 29, 2, 17, 23, 15, 40, 11, 1, 9, 34, 0, 26, 49, 
                      43, 58, 53, 0, 0, 0, 0, 56, 0, 10, 3, 42, 5, 59, 41, 22, 19, 27, 61, 33, 7, 
                      54, 55, 20, 50, 6, 57, 39, 36, 14, 52, 32, 24, 38, 35); 
        for (j = Math.ceil(l / b); j > 0; j--) { 
            r = ""; 
            for (i = Math.min(l, b); i > 0; i--, l--) { 
                w |= t[x.charCodeAt(p++) - 48] << s; 
                if (s) { 
                    r += String.fromCharCode(170 ^ w & 255); 
                    w <<= 8; 
                    s -= 2; 
                } else { 
                    s = 6; 
                } 
            } 
        temp = temp + r; 
        } 
    }
    

I’ve made it less dangerous by replacing the document.write(r) with temp = temp + r. This way, I could just get the text, rather than have my browser execute it. This function, makemelaugh(), is run on a block of text, resulting in a script that, as mentioned, downloads, and then executes a file. I think the first half of the script is based on the second half, as the second script block points to a file that doesn’t exist. And the first part is a little cleverer, in that the filename it chooses for the executable is random. Meaning that a virus checker can’t rely on a particular filename when scanning. The file appears to be exactly 2006 bytes in length, but I don’t have the tools on the machine it’s stored on to look further at it. And I don’t want to bring it to the PC I’m at now in case I accidentally execute it! Apparently the virus isn’t anything to do with John Howard, that’s just the delivery vector. Basically, you are safe from this virus if you are using a Mac. You are safe from this virus if you don’t have JavaScript, or VBScript turned on. And, I think you are safe from this virus if you are using Firefox. But I’m not so sure about this. However, if you are using IE, on a Windows machine, don’t go to the address… Nah, I’m not going to link to it…

Internet Explorer has some interesting foibles. And by interesting, I mean annoying. For instance, if I’ve visited a page on my site, such as: http://schinckel.net/wp-admin/ Internet Explorer seems to remember it as http://schinckel.net/wp-admin Notice that the trailing slash is missing. Blogsome will report that “Page Does Not Exist”, or if it looks like a Post page, “No posts made”. With access to the HTTP server, this would be easy to fix (just create a rule in the relevant place that allows for URLs of this form), but on Blogsome this is a bit harder. You need to be able to check the last character of the URL string, and if it isn’t a /, append one. This should work fairly well in all cases, since every reader visible URL ends in a /. So how to do this? Getting the URL is easy: {$smarty.server.REQUEST_URI}. However, getting the last character is a bit more difficult. Or so it appears. But Smarty allows for accessing strings as an array, so {$smarty.server.REQUEST_URI[0]} will get the first character. To get the last is a therefore possible. {$smarty.server.REQUEST_URI[-1]} fails, so I’ll need to get the length of the string. {$smarty.server.REQUEST_URI[$smarty.server.REQUEST_URI|count_characters ]} also fails, but {$smarty.server.REQUEST_URI[smarty.server.REQUEST_URI|count_characters ]} works. Now, we just need to test if this value is “/”, and if it isn’t, then reload the page with that added. Which I can’t seem to figure out how to do with Smarty… • Of course, doing the same with JavaScript is a piece of cake: if (document.URL[document.URL.length-1] != "/")     document.location = document.URL + '/'

I’m teaching Stage 2 Information Technology Studies this year (it’s turning out to be a fair bit of work, but I’m quite enjoying it), and I have to come up with some project topics. The students have to do two projects, one on each of the Option Topics we will be studying. At this stage, I’m planning on Application Programming (using python, and some form of GUI), and Website Programming (HTML+JavaScript). What I do need to do is think of some suitable project topics. Something that is challenging enough for Year 12, but not too difficult. I’ve got some ideas for Websites, as there is a bit more scope to do something cool. It’s a bit easier to implement cool stuff with a more limited level of skill in HTML than it is in an application program. I also have to write some skills tasks, that assess each of these topics. I’ve got some good ideas here for the application programming one (give them the GUI code, and get them to make the backend, and for the other, give them some working application code, but as a series of functions, and get them to combine the functions into a full application). I’d love to be in a situation where I could teach ObjC, since I do have a Mac computer room at school, but since I don’t know it that well myself, that might be a future task. I seriously wish anygui had taken off. But, even late in the game then, I wasn’t really keen on how the backend interface was turning out. I came across Dabo yesterday, and that looks cool, though.

There’s a new show starting soon on SBS, Wilfred. After seeing the advertisements a couple of times, it looks really good. The premise is that a girl’s dog, the Wilfred of the title, loves his owner, but hates the boyfriend. He manages to sabotage just about everything about the relationship. Sound interesting? It’s a comedy, and did I mention that the dog(s) in the show are men in dog suits. However, something I just read might turn me off it, before I’ve even seen it. Apparently, it’s by the same guys who created the despicable excuse for a comedy that is known as The Wedge. The only saving grace may be that SBS has picked it up, rather than one of the commercial stations (notably Channel 10?) Perhaps that will mean it is actually good. </TV Snob Mode&rt;

Bill Kerr: amazing javascript This is a fairly cool script. It makes all of the images on a page fly around. What’s neat is how smooth everything is. It wasn’t too long ago that machines didn’t have the power to do this. [try on this page][2]

[2]: javascript:R=0; x1=.1; y1=.05; x2=.25; y2=.24; x3=1.6; y3=.24; x4=300; y4=200; x5=300; y5=200; DI=document.getElementsByTagName(‘img’); DIL=DI.length; function A(){for(i=0; i-DIL; i++){DIS=DI[ i ].style; DIS.position=’absolute’; DIS.left=(Math.sin(Rx1+ix2+x3)x4+x5)+’px’; DIS.top=(Math.cos(Ry1+iy2+y3)y4+y5)+’px’}R++}setInterval(‘A()’,5); void(0);

Kosmina may pay ultimate penalty for spray - Football - Sport - smh.com.au You mean they’re going to execute him for yelling a the ref? I thought that’s what “Ultimate Penalty” meant.

ADELAIDE United coach John Kosmina could be forced to watch the A-League grand final from the AFL coaches’ box at Telstra Dome after again falling foul of the FFA’s disciplinary watchdogs after Sunday’s dramatic penalty shoot-out win over the Newcastle Jets.

Oh, that’s what you mean. I love how journalists overdo it.

Well, I’ve just come home from the most fun tournament on the TouchSA calendar. The Colley Reserve 5-a-side tournament is down at Glenelg, and is a single day tournament that is stacks of fun. My team was a UniSA+others team, organised by Paul Rogers. We managed to remain undefeated until the Grand Final, when the hand-picked “The Drought” team, with all current or ex-state and/or Crusaders _players, beat us 3-1. We had been very strong all day, with the highest score (it’s a 20-minute turnaround game) 10-0, and the best for and against record. We comfortably won the Semi-final against a team from Gawler, but struggled against _The Drought. Thanks to all of my team for a good fun day.

Leaked video of friendly-fire killing in Iraq

One is heard to say “I’m going to be sick” after he realizes what happened.

Now this makes me sick. Why should killing a “friendly” person make you sick, when killing an unfriendly one doesn’t? Surely killing any person is the same?