Monday, December 29, 2008

'Twas the vuln before Christmas

As a Christmas gift to Microsoft, a hacker released proof-of-concept code for a Windows Media Player crash that at first was reported to be exploitable.

The SVRD bloggers quickly poured cold water on that, but I found this poetic response amusing enough to link to from here:

A file template built, Pat now had the vision,
To find oddness in song tempo, and time division,
and what in my windbg window should appear,
but a #DE error, no int overflow here!

Now checking in IDA, and tweaking edx,
no memory moved, no additional wrecks,
not a vuln at all here! Not nearly the same,
I can't believe we stopped drinking for something so lame!

Saturday, December 27, 2008

The "earn less, spend less" movement

Or, Why not start your weekend on Wednesday?
See the thought-provoking article by Tim Harford in Slate:

Here's the big question of the season, then: Why don't we do as countless moralists urge every year and focus less on money and more on leisure (or spiritual concerns, if you must)? Why haven't we all decided to work less, spend less, and consume less?
There is an anti-consumer movement with a ready answer: We're helpless, enthralled by advertisers and hooked on shopping. I've always had a slightly more optimistic view of human autonomy.

A more convincing answer is that we work hard because income is linked to our desire for status, which is collectively insatiable, because status is largely relative. A famous survey by economists Sara Solnick and David Hemenway found that many Harvard students (although few Harvard staff members) would rather have an income of $50,000 in a world where most people were poorer than an income of $100,000 in a world where most people were richer. The survey has arguably been overinterpreted in the 10 years since it was published, but it does seem to point to an important truth: It matters to us how much money other people have.

Friday, December 26, 2008

Apple CEO "Choose Your Own Adventure"

I was just reminiscing about the old "choose your own adventure" books I read as a kid, and now I see there is an online version in which you get to see what happens after you pick a new CEO for Apple.

Thursday, December 25, 2008

Merry Christmas!

I'd like to wish all my readers a Merry Christmas from a decidedly white Seattle - it snowed a few more inches today and I made a decent snowman (pics to come).

Wherever you are, I hope you are surrounded by friends, family and loved ones.

December snow at home

Thursday, December 18, 2008

A cheaper XBOX 360 wireless adapter

Instead of paying close to $100 for the XBOX 360 USB wireless adapter, I came across some how-to's that describe modifying a cheap wireless router so that it can be used to get devices onto your existing wireless LAN.

This article matches the current DD-WRT firmware the closest, and I got things working eventually using a Netgear WGR614v8 and DD-WRT v24-sp2. The firmware UI makes it even easier to set up than the article describes. You just need to:
  • Use an ethernet cable to connect to the client router. Connect the admin page (usually and change the admin username/password as prompted.
  • Go to the Wireless tab and select "Client Bridge", and enter the SSID for your existing wireless LAN. Set up the WLAN type and encryption if needed.
  • Make sure your WEP/WPA key is entered correctly - the "unhide" option is useful. (I had a typo which initially made things fail)
  • Back on the Basic Setup tab, you should see that the WAN interface is disabled, and the DHCP server is disabled too.
  • Give the client router a static IP on the same subnet as your main router. (E.g. my main router is and my client router is If needed make sure your primary router is assigning DHCP addresses in a higher range, e.g. starting at
  • Apply the settings, and refresh the machine that's plugged in to your client router. (Un-plugging and re-plugging the ethernet cable is the easiest)
  • You should now get an IP address from your primary router, and be able to ping the primary router's IP, in my case. You should be able to connect to the Internet.

Thursday, December 11, 2008

Forgettable Pinotage: 2008 Zarafa

So, I've just gotten to taste the 2008 Zarafa Pinotage I bought at Trader Joe's a week or so ago.
A while ago I moaned about how bad the 2005 vintage was, but now I wonder if I got an off bottle?

The 2008 vintage is perfectly fine for a cheap ($4) red wine, think "3 Buck Chuck" from South Africa. While it is not bad for the price, I can't say it really represents the Pinotage varietal or South African terroir. It might as well be cheap Merlot.

Friday, December 05, 2008


Ken Levine has a fun contest underway on his blog: whoever can come up with the most humorous made-up definition for a Google CAPTCHA wins a cool prize. You enter by posting a comment under the post linked to above.

I have a few entries posted already, and in the process was offered this CAPTCHA which is too rude to enter:

More SA wines on WLTV

Peter May pointed out an old episode of Wine Library TV where more South African wines are tasted - this time some premium wines.

Gary really liked one of them - after tasting the 2004 Kanonkop Pinotage is one episode, he decided to do a follow-up show focusing on this wine and seeing how it changed with different amounts of breathing time.

Episode #218 is here, and #219 is here.

Thursday, December 04, 2008

Another reason I like Washington State

Where else would the State Capitol put up a sign from an Atheist group to balance out the Christmas nativity scene? Strangely enough, not everyone is happy with this. I think seperation of church and state is a great idea. So, either it all goes, or it all has to get equal airtime :)

PS: Go see Bill Maher's movie Religilous. And read the His Dark Materials series. You'll be in good company when you land in Hell with the rest of us...

Pinotage tasting on WLTV

Gary Vaynerchuck tastes some Pinotage from South Africa in today's Wine Library TV show.
Check it out here. Sadly he stuck with the "value" wines, instead of the big guns that win awards. Why is it that mostly California and France get featured for expensive wines? How about a show with $30+ South African wines just to show people that there is some really good stuff along with the more value-driven wines.

On a semi-related note, I noticed Trader Joe's is still selling the Zarafa Pinotage, which was really awful last time I tried it. Perhaps I had an off bottle and it's worth another try?

Wednesday, December 03, 2008

Proposition 8

Thanks to Lucia for pointing this out! (If the embedding doesn't work, try this link instead)