Spammers apparently love Trac. After trying to fighting spam tickets and later installing the SpamFilter plugin, I’ve managed to control spam tickets in the Open Yahtzee Trac site.. But now spammers started spamming in the ticket comments. The bad news is that Trac (at least in version 0.11) doesn’t have built-in facilities to completely remove ticket comments.
Author: Guy
Audio Based True Random Number Generator POC
Few days ago I came up with an idea to create a true random number generator based on noise gathered from a cheap microphone attached to my computer. Tests showed that when sampling the microphone, the least significant bit behaves pretty randomly. This lead me to think it might be good source for gathering entropy for a true random number generator.
Continue reading Audio Based True Random Number Generator POC
Python’s base64 Module Fails to Decode Unicode Strings
If you’ve got a base64 string as a unicode object and you try to use Python’s base64 module with altchars set, it fails with the following error:
TypeError: character mapping must return integer, None or unicode
This is pretty unhelpful error message also occurs if you try any method that indirectly use altchars. For example:
base64.urlsafe_b64decode(unicode('aass'))
base64.b64decode(unicode('aass'),'-_')
both fail while the following works:
base64.urlsafe_b64decode('aass')
base64.b64decode(unicode('aass'))
While it’s not complicated to fix it (just convert any unicode string to ascii string), it’s still annoying.
URL-Safe Timestamps using Base64
Passing around timestamps in URLs is a common task. We usually want our URLs to be as shortest as possible. I’ve found using Base64 to result in the shortest URL-safe representation, just 6 chars. This compares with the 12 chars of the naive way, and 8 chars when using hex representation.
The following Python functions allow you to build and read these 6 chars URL-safe timestamps:
Continue reading URL-Safe Timestamps using Base64
Hash Puppy 0.2
This is an update for my simple easy-to-use checksum calculator. It supports md4, md5, and sha1 hash functions. I wrote the project as a way to experience and learn Qt.
Changes since the previous version (Hash Puppy 0.1) include ability to abort a checksum calculation and improved GUI responsiveness. Also there were other minor tweaks to make Hash Puppy easier to use.
Continue reading Hash Puppy 0.2
Improved FTP Backup for WordPress
This script backups both the database and files of a WordPress blog into a remote FTP server (while keeping a local copy). It’s an update of my WordPress Backup to FTP script. The main changes are auto-detecting database settings and better support for caching plugins (specifically WP-Cache). The new version makes it easier to backup multiple WordPress blogs to the same FTP server.
Continue reading Improved FTP Backup for WordPress
“CC Yourself” and Spam
Every good web programmer will note that the following contact form markup is probably flawed
<form>
...
<input type="hidden" name="to" value="support@example.com" />
...
</form>
as it is likely that if the value of the “to” field changes the message will be sent to the modified address. The problem with this kind of functionality is that it allows a malicious user to send emails from your mail server. More specifically, it can allow spammers to user your benign server t send their spam (and as a side effect you might be flagged as a spammer yourself).
As this case is pretty obvious one doesn’t see many real-life uses of it anymore (but careless programmers used it more often n the past until they learned better). However one can achieve similar goals (spam-wise) by utilizing a common feature in contact forms: the “CC yourself” checkbox.
Continue reading “CC Yourself” and Spam
Using MusicBrainz when Ripping CDs in KDE
I guess this tip is Gentoo specific. By default KDE uses FreeDB for getting CD info when ripping CDs. If you want to use MusicBrainz native service (not via their FreeDB proxy), there are several steps you’ll need to take.
Continue reading Using MusicBrainz when Ripping CDs in KDE
Disable Touchpad Tapping in Kubuntu
In Ubuntu (gnome) there is an easy graphical way to disable tapping on the touchpad. However, KDE lacks such thing. But lacking graphical configuration doesn’t mean this should be difficult. All you need is the gsynaptics package. The package provides a small utility called synclient. Now you can disable tapping by doing
synclient TapButton1=0
To disable the tapping permanently you should use the following to run the command at the start of every KDE session.
echo "synclient TapButton1=0" > ~/.kde/env/disable-tapping.sh
Using Duplicity and Amazon S3 – Notes and Examples
Up until now I’ve been doing my backups to Amazon S3 using my s3backup script. While it’s simple and does what I needed at the time, I’ve decided to cut some of the costs by switching to incremental backups.
Continue reading Using Duplicity and Amazon S3 – Notes and Examples