I often work at my PC in the dark, and I know it’s not very good for the eyes to look at the bright screen in the dark surroundings. I checked multiple ideas concerning the problem, including a LED backlight from an IKEA lamp on a friend’s TV, but I never came to building something like that myself. One time I even had my desk lamp turned behind the screen to act as a backlight of sorts, but it was obvious that was not a solution to last.
A solution came suddenly, when I saw some CCFLs on sale in an online hardware store for €4,99. One trip to the shops and 7€ spent later I’m sitting here in the dark, typing this text and having my eyes not stressed at all 
Read the rest of this entry »
Introducing my new Android app. Read fun internet quotes from a variety of websites. Perfect entertaining while waiting in queues, public transport and similar.
Quote sources:
- bash.org
- qdb.us
- ibash.de
- bash.org.ru
… and other sites in English, German and Russian.
Let’s have a simple experiment. Without stopping, let’s say all the words we know (or ask a friend to do this). The first ten words will come at once. Then we will look for and name objects in the room – maybe ten of those. Then we remember a few unusual words from the far distant end of our vocabulary. Abd then we stop, because we run out of words.
If we try to describe anything known to us with our words, there will be no word deficiency. One description will be good, another one not so – that will tell the difference in the describer’s skill. But noone will stop looking for the next needed word in a simple story.
An “idea crisis” can only happen, if the designer sets out aiming to think of something new and unusual.
Something new and unusual cannot be thought up – it can only be discovered while working on a specific, defined goal. It’s the same difference as there is between recitation of words and a story.
A writer’s block is a dead end of a senseless way.
© art.lebedev, my translation from Russian
Many webmasters use SVN not only as a version control system during website development, but also as a deployment tool for easily synchronising the development environment with the production server. A serious flaw has been uncovered in the system that many are unaware about, and that poses a significant security threat, allowing a potential attacker to gain access to source codes and configuration files. To understand that flaw, we must understand a little about how the SVN system works.
In every folder that is managed with SVN, it creates a hidden .svn subdirectory. In it, a list of all files and subdirectories in that folder are stored, together with technical information about their history as well as every file itself. The file .svn/entries contains a list of all files and directories in the folder where .svn is located, and the directory .svn/text-base contains the recent revisions of all files, with .svn-base added as an additional extension.
project |- index.php |- config.php |- dir | |- .svn | | |- entries | | '- text-base | | '- file.ext.svn-base | '- file.ext |- .svn | |- entries | |- text-base | | |- index.php.svn-base | | '- config.php.svn-base | '- ... '- ...
Now, normally the .svn is hidden, and doesn’t bother anyone much. However, with default settings, the webserver will treat the files inside it just like any other file – if requested directly, those files will be served. Using the entries file, a list of accessible files can be obtained – among which there might be configuration files or others containing confidential information. And since the files in the text-base directory have their extension changed they will not be processed by, for example, PHP – the sourcecode will be shown as it is.
This vulnerability was discovered some time ago by a group of Russian programmers. They did a scan of a large amount of websites, including some fairly big names in the .com, .de and .ru zones, and the results were staggering. Owners of hundreds of websites were notified of the vulnerability, and after it was closed, some details were disclosed on a large Russian IT blog Habrahabr.
There are multiple ways of securing against the vulnerability. Among the most simple and efficient are:
- Blocking web access to the .svn directory altogether using, for example, the .htaccess file for Apache.
- Using the svn export command instead of the usual svn checkout does not produce the .svn directory in the first place.
While those solutions might seem obvious (and they really are), I was very surprised when I did a simple check among a few websites from my bookmarks list. So webmasters – if you haven’t yet known about this, beware.
So I’ve got myself a new and shiny HTC Magic as a replacement for the old and dying Touch. And then I thought: hmm, Android is an open platform, and apps are natively written in Java. I know Java. Why not try to write something?
A good idea soon came from a friend: a client for the menu of the Mensa, university’s cafeteria of sorts. So one can look, while walking from the lectures (or sitting in them), what there is to eat today, and whether one doesn’t rather want to walk straight home. And so, a day, lots of coffee and a lot of googling later, I present you this wonderous Android app to see and download:
The app is available from the Android Market, and can be found easiest by scanning the following QR Code (if you don’t have the Barcode Scanner app, go and install it from the Market now, it’s a must on Android):
Which German mobile network do you use?
- E1 - E-Plus (0163, 0177, 0178, 0155, 0157) (38%, 9 Votes)
- D1 - T-Mobile (0160, 0170, 0171, 0175, 0151) (25%, 6 Votes)
- E2 - O² Germany (0176, 0179, 0159 ) (25%, 6 Votes)
- D2 - Vodafone (0162, 0172, 0173, 0174, 0152) (17%, 4 Votes)
Total voters: 24
Loading ...Finally, a new desktop. The “one-laptop-for-everything” idea doesn’t seem to work for me – not for long, anyway. Now, off to get Windows 7 and some games on it and give it a proper bashing.
In English, please
Bitte, in Deutsch
По-русски, пожалуйста