Halogen Labs Weblog

I just noticed the JavaBlogs.com redesign, and I noticed the “Hot Entries” link on the side was gone. Oh look, it moved to the top of the page. SO WHY CAN’T I CLICK ON IT IN SAFARI?!

Beginning in October 2007, the National Weather Service will issue storm warnings using polygons instead of for entire counties.

This means fewer people will be unneccesarily warned, hopefully making warnings more accurate.

My only criticism is that it’s not starting until October 2007, which means that we’ll have one last spring Skywarn season of county-based warnings.

Ok, this a “slap me on the forehead thing”. This is probably the worst possible way to secure a web site. It’s one step from NOT securing it at all. I can’t believe I’m writing this, because it’s painful to know that companies do this sort of thing:


if (username == "client1" && password == "client1") { window.location = "http://www.blah.com/client1/"; }

if (username == “client2″ && password == “client2″) { window.location = “http://www.blah.com/client2/”; }


This should be obvious now, and the only reason I’m mentioning it is because I’ve seen this type of “security” in the wild. If I were a potential client, I’d be afraid.

So please… never, EVER rely on Javascript to secure your site. Especially if you want clients to take you seriously.

After almost 2.5 years of ownership, my trusty Revision C G4 Powerbook is no more.

The first problem I had was in March of 2005, when suddenly the 1GB stick of Cruicial RAM wasn’t showing up. The lower RAM slot had failed, and Apple promptly replaced the motherboard.

My next problem was a hard drive that was crapping out, so they replaced that.

Over the next year or so, I’d been having problems with intermittent lockups, unable to boot the machine, etc. Two weeks ago, it finally gave up the goat. The machine hard locked, and no amount of PRAM zapping or power-module-resetting would revive the box. So, in to the Apple store.

Luckily, this time my laptop did a kernel panic when the tech at the store booted it, and he’d been pretty familliar with the lower RAM slot failing, and he had a pretty good hunch that this was the problem again.

So, the Apple store proceeded to order a motherboard, and I waited. A week went by, and I hadn’t heard a peep from the store, so I called them. Apparently the first TWO motherboards they received from Apple H.Q. were DOA, and they had their third one in-store, but were waiting on RAM.

I waited another week.

This week, I called them and bugged them. The tech was very apologetic, and became very proactive in making sure he communicated what was going on with the repair. He said they managed to dig up some known-good RAM, and were going to get it on the bench the next day.

Today, a woman from the same store called, and explained that she was upset with the quality of replacement parts they were getting from Apple H.Q. The third motherboard was also DOA, and she explained that they were going to just replace my laptop with a new MacBook Pro (!)

All I have to say is, thank god for AppleCare :)

The Star Tribune publishes an annual “holiday lights” listing with addresses of houses with lots of christmas lights on them. This year, they decided to use the Google Map API to publish the information. The site uses Ajax to load the database of locations, which is linked for your h4×0ring pleasure.

Ok, it’s not much of a hack, since I just looked through the page source, but there it is!

The British Post Office owns the copyright on the database for British postal codes and their latitude/longitude. The New Popular Edition is asking the British public to help build a public domain postal code database. If you’re in the UK, join up and help the project out!

WSJ is reporting that Google is in talks to purchase YouTube. Details in the story linked.

I know people are still subscribed to this blog… I can hear you breathing!

Last week I gave notice at my current employer, since I have accepted a position as a Software Engineer at a weather data provider. I’ll be de-cloaking the specifics to the general public in a couple weeks, but for those who know me, and those that have followed this blog for a few years, will know that I’m pretty excited about it.

Satellites and T1 lines to the National Weather Service have the weather geek in me bouncing in my seat :)

via AP:

WASHINGTON — Sen. Mark Dayton called for an independent investigation into the National Weather Service today, aimed at uncovering why the agency failed to issue a tornado warning before a deadly twister struck the northwest Twin Cities suburb of Rogers Saturday night.

Duluth News Tribune: NWS frustrated it didn’t spot Rogers tornado soon enough

While a tornado watch had been in effect for several hours on Saturday night, officials said the twister didn’t show up on radar before it touched down in Rogers, leaving a 10-year-old girl dead.

“It’s very unsettling to us not to be perfect,” said Craig Edwards, head of the National Weather Service office in Chanhassen. “We have a lot of angst in our office today.”

Evan Weaver has a writeup of the recently fixed (and hush-hush) security hole found in Rails.

Edit:
There’s also a bunch of talk over here at Ruby Forum.