I hate mushrooms, but I have to admit it looks appetizing. Taken at the Farmer’s Market at the Ferry Building in San Francisco. Since I only had two days in the city I spent it wandering around and checking out touristy destinations. Check out my photoset on Flickr to see the rest.
Super fun with Intercontinential’s Superclick
I’m staying at the new Intercontinential San Francisco and partaking of their pay internet services. In the process of using said services, I’ve discovered that they are intercepting and recording every web page I visit. Does that strike anyone else as odd?
I first noticed that between each page view I would get a little white flash. Then when I went to the New York Times, I discovered that I couldn’t click through to the second page of articles — I would just get redirected back to the first page.
A bit of investigation revealed that Intercontinental Hotel Group is using something called Superclick (and if you don’t believe me, just look at the first testimonial on their homepage). Every time you put in a URL request, the Superclick service uses a transparent proxy to grab the request and redirect it to their own page. Then, from there they do some sort of checking and then perform an HTTP redirect to the actual destination.
Here is a session:
[zeno@viper ~]$ curl -v http://www.google.com/ * About to connect() to www.google.com port 80 (#0) * Trying 209.85.173.104... connected * Connected to www.google.com (209.85.173.104) port 80 (#0) > GET / HTTP/1.1 > User-Agent: curl/7.16.3 (powerpc-apple-darwin9.0) libcurl/7.16.3 OpenSSL/0.9.7l zlib/1.2.3 > Host: www.google.com > Accept: */* > < HTTP/1.0 302 Moved Temporarily < Server: squid/2.5.STABLE14 < Date: Sat, 01 Mar 2008 07:46:02 GMT < Content-Length: 0 < Location: http://12.35.79.2/superclick/popup.php?popup=6&url=http%3A%2F%2Fwww.google.com%2F < * Closing connection #0
So on every single request they are intercepting the destination, redirecting it, doing something, and then sending you on your way. And of course this breaks some things that use GET and POST variables, although I haven't tested it extensively (and don't really want to). Instead, I setup an SSH tunnel to a tinyproxy server, and told my OS to forward web requests through there. It's working a lot better and I feel a lot safer.
Speaking of safety, I can confirm that this 2005 XSS vulnerability is still present in the Superclick code.
Well, at least their speeds are pretty good. I'm getting 700KB/s on an scp download from Harvard.
Update: In the morning Superclick made me re-login, giving me the opportunity to read their ToS and AUP. Nothing very controversial in there. Using a proxy doesn't violate the terms, and the only vaguely odd terms are those that say you can't "attach[] an excessively long signature to your [email] message," which is just strange, and the one that disallows "forging the headers of your email message in any way," which is over-broad.
How Dangerous Is the Internet for Children?
I won’t ruin the surprise ending.
Getting cars off the road and data into the skies
Sometime in early 2006 or so, Robin Chase came to a few Berkman talks. When we did our introductions, she claimed to be the founder of Zipcar and to be working on a new startup involving wireless mesh networks and transportation. I wondered at the time, wireless internet traveling from car to car? Am I sitting next to a crazy person, or a brilliant one? I think the answer is probably the latter. She doesn’t go into many details in her TED talk, but you can fill them in yourself.
She climbs
As the blurry cameraphone photo can attest, my mother did, indeed, rock climb. We found a place in Long Beach that has tons of top roping and doesn’t require a belay test, and spent a couple hours climbing and sweating. I’m proud of my mom for trying something new and doing so well, and proud of myself for somehow persuading her to do it!
People in different parts of the world use different methods to count money
Suggestions
“Closing a door on an option is experienced as a loss, and people are willing to pay a price to avoid the emotion of loss,” Dr. Ariely says. In the experiment, the price was easy to measure in lost cash. In life, the costs are less obvious — wasted time, missed opportunities. If you are afraid to drop any project at the office, you pay for it at home.
— "The Advantages of Closing a Few Doors" by John Tierney in the New York Times
The Long Run-Up
A process piece looking at the New York Times reporting on John McCain’s alleged affair with a lobbyist in the late 90s.
Software Notes (Mac Edition)
Soon after Alcor released the source code, Ankur Kothari cleaned up Quicksilver, improved the memory footprint, and fixed a bunch of problems and bugs. Download it here.
The 1.4 beta of iNdependence was recently released. It allows for (nearly) one-click jailbreaking and unlocking of iPhones running 1.1.3 software. I tried it this weekend and it worked great and was pretty easy.
Things is a neat and full-featured todo manager app. It’s sorta pricey, though, and doesn’t talk to iCal, plus I was having some trouble getting my head around how I’m supposed to use it to be more efficient. Now I’m giving Anxiety a shot. It is cute, simple, free, and integrates with iCal and Apple Mail using Leopard’s built in todo support.
[A]nnoyed executives and analysts are wondering why someone would want to play a game with dry business calls that normally follow a tightly controlled formula — unless the game is the whole point. They can’t figure out how the caller is getting any benefit from so closely mimicking them. “If he was spoofing I would hope he’d be funnier,” says Bill Schmitz, an analyst at Deutsche Bank Securities.
— "Hoaxer Haunts Earnings Calls" by Betsy McKay in the Wall Street Journal. From the random humor department.
Pizza in a cone is big in Korea
Wow. That’s innovation.
Unscheduled System Interruption (GSAS.harvard.edu)
I was sort of wondering what this outage was all about; now we know. In fairness to the GSAS admin, one of our high-profile WordPress sites was hacked yesterday, too… Best Digg comment about the incident: “Coulda been worse… God help whoever hacks the law school.”
Celebrating the Semicolon in a Most Unlikely Location
A cute article about punctuation on the New York subway.
I’ve decided the world needs more interrobangs. Right‽
While continuing to hold Power, UP and HotSync, press and release the RESET button on the back panel of your device. This is very difficult to do with only one person; you may wish to hold the stylus in your mouth and use your hands to press Power, UP and HotSync.
— "Zeroing Out Palm" by Khoi Vinh. No wonder the iPhone is taking over.
There Will Be Blood
P.T. Anderson won me over with Boogie Nights and Magnolia, two amazing portraits of time and place and human life set in my native California. I left There Will Be Blood, an epic also based in California, but a century ago, unsure what to feel. Critics call this film a masterpiece, but I’ve spent a good hour thinking about it now and I still can’t figure out what story he’s trying to tell. Clearly the plot itself, about an up-and-coming oil tycoon on the great American frontier, is secondary to the characters, to the examination of a time and an industry and a singular life, but to what end? What are we supposed to feel? How are we supposed to react to the duel of wills of two very different but equally despicable men? Were all the oil drilling accidents that punctuated the film and cut short so many lives supposed to ground us? Was Plainview’s grotesque devolution after the injury of his adopted son supposed to convey to us something profound? Or was it all just a study in evil and self-destruction, a modern-day _Citizen Kane_?
And what was the deal with the third act? Seriously, 20 years later?
As a character portrait, I admit, the film is good. As a period piece, amazing — I was totally taken by the cinematography, the harsh brightness, the gritty scrubland, the ceaselessly pooling and oozing oil, the towering well lit up in flame. I felt the time and the place. But to what end? I left the film more confused than anything. I looked back and said, well, that happened. I don’t know what makes this film a masterpiece. I admit, maybe it was my mood, my seat in the theater, or the sound problems. Or maybe it just doesn’t speak to me. But if the consensus of the rest of the group I went with is any indication, it probably doesn’t speak to a lot of people.
Restaurant Week Boston coming soon
Three-course lunches for $20 or dinners for $33. Good stuff in Cambridge as well.
In 1937, having run away from Greenville senior high school, where he had learned to wrestle and to play American football, he made his way to New York and then Washington DC, where a cousin happened to be the US assistant postmaster-general and took him in. By his own account, when he was 15 Fawcett had started an affair with his best friend’s mother. “If that’s child molestation,” he declared, “I would wish this curse on every young boy.”
— Obituary of Charles Fawcett in the Telegraph. In 92 years he fought the Communists (in several wars), rescued refugees and POWs, married six concentration camp survivors, acted in over 100 movies, slept with Hedy Lamarr, and convinced Charlie Wilson to fund his covert war in Afghanistan. Quite a full life.
It’s not Lupus, it’s never Lupus
For the House fans out there, and anyone else who has ever thought they might have lupus…