From: molly miller
To: webmaster
Subject: Dance
Date: Thu, 1 Nov 2007 08:52:52 -0700
Are you really doing the hokey pokey tonight?
- Z
Zobar's Journal
My Podcast Link
11/01/2007 13:12 #41919
a couple of you may find this funny- Z
10/27/2007 15:04 #41836
i got some splainin to doOK so we've got two Halloween parties to go to tonight, and I'm only wearing one costume. The roller girls 
will understand my costume without explanation, but I'm afraid it will likely leave many or all of you scratching your heads. I can hear it now: 'I understand you're a roller girl, but what's with the potato masher?' I will not answer your question. I will refer you to this blog.
The QCRG All-Stars* played against the Steel Town [Hamilton, ON] Tank Girls this past summer in a game where the officiating was bad and the sportsmanship was worse. Derby is a rough sport, but this rapidly became unsettling on an almost visceral level. Anyway, the costume is a Tank Girls' uniform.
That does not explain the potato masher. There is a Tank Girl whose name is Cheese Grater. She carries around a cheese grater. I'm not sure whether the name or the kitchen implement came first, but I'm pretty sure I don't want to ask. It's pretty random, but it's not any less random than, say, a potato masher. And I guess cheese is relatively badass as far as dairy products go, but consider this: if someone chucked a piece of cheese at you, you'd be angry but mostly confused. But if someone chucked a potato at you, you'd be IN PAIN!!!!!
- Z
_______________
will understand my costume without explanation, but I'm afraid it will likely leave many or all of you scratching your heads. I can hear it now: 'I understand you're a roller girl, but what's with the potato masher?' I will not answer your question. I will refer you to this blog.The QCRG All-Stars* played against the Steel Town [Hamilton, ON] Tank Girls this past summer in a game where the officiating was bad and the sportsmanship was worse. Derby is a rough sport, but this rapidly became unsettling on an almost visceral level. Anyway, the costume is a Tank Girls' uniform.
That does not explain the potato masher. There is a Tank Girl whose name is Cheese Grater. She carries around a cheese grater. I'm not sure whether the name or the kitchen implement came first, but I'm pretty sure I don't want to ask. It's pretty random, but it's not any less random than, say, a potato masher. And I guess cheese is relatively badass as far as dairy products go, but consider this: if someone chucked a piece of cheese at you, you'd be angry but mostly confused. But if someone chucked a potato at you, you'd be IN PAIN!!!!!
- Z
_______________
- ie, anyone who wasn't busy that weekend
leetee - 11/01/07 13:44
Ah... Hamilton... such a class joint, iain't it? I say the folks from my hometown have class with a capital K.
Ah... Hamilton... such a class joint, iain't it? I say the folks from my hometown have class with a capital K.
tinypliny - 10/28/07 21:53
I get it. But since I don't know what a potato masher looks like, I am at a distinct loss. Was it the helmet like thing on your head or was it some other hidden/in sight implement??
I get it. But since I don't know what a potato masher looks like, I am at a distinct loss. Was it the helmet like thing on your head or was it some other hidden/in sight implement??
10/26/2007 16:21 #41821
something more interestingCategory: blagosphere
"Winter in Blogville" by Jennifer ("14221") Wutz-Lopes (Buffalo Spree, Nov 2007, p26)
But estrip is by far the most colorful screenshot in the bunch.
- Z
Someone ( everyone!) over at Estrip.org has their panties in a bunch about something to do with the fact that they are not taken seriously as bloggers. Take a number and get in line, I say.
But estrip is by far the most colorful screenshot in the bunch.
- Z
dragonlady7 - 10/27/07 07:31
I think (e:strip)'s panties were more in a bunch about being treated like a bunch of chumps in that all the other bloggers seem to think that because they live in the suburbs and offer opinions on things, they're Important, but we don't actually deserve to be told if an event is cancelled or not, because we use the Internet for social networking.
It's possible she's trying to start a flamewar because our blogs get more pageviews than hers...
I think (e:strip)'s panties were more in a bunch about being treated like a bunch of chumps in that all the other bloggers seem to think that because they live in the suburbs and offer opinions on things, they're Important, but we don't actually deserve to be told if an event is cancelled or not, because we use the Internet for social networking.
It's possible she's trying to start a flamewar because our blogs get more pageviews than hers...
joshua - 10/26/07 16:51
You have to be fucking kidding me. Who the hell is Jennifer Wutz-Lopes, anyway? Maybe I should rush out to a Starbucks in the 'burbs to meet her and find out if I care!
Nobody reads Buffalo Spree anyway. Its trite and self-aggrandizing, much like Jenny's own blog. God knows this is too laughable to pontificate about. If there wasn't a tinge of doubt in my head about the nature of (e:strip) and how much she actually knows about it, it would be my absolute pleasure to rip her a new ass for saying something so foolish.
You have to be fucking kidding me. Who the hell is Jennifer Wutz-Lopes, anyway? Maybe I should rush out to a Starbucks in the 'burbs to meet her and find out if I care!
Nobody reads Buffalo Spree anyway. Its trite and self-aggrandizing, much like Jenny's own blog. God knows this is too laughable to pontificate about. If there wasn't a tinge of doubt in my head about the nature of (e:strip) and how much she actually knows about it, it would be my absolute pleasure to rip her a new ass for saying something so foolish.
10/26/2007 15:09 #41820
codeBecause I know everyone's been holding their breath for this, here's the HTTP auth Javascript server-side script and database layout
Notes:
- does not require any hooks in your HTML code; just make sure your form has fields named 'username' and 'password' and import the Javascript
- can be attached to any form with an access-restricted target; script will pre-authenticate and, if successful, send the rest of the form as usual.
- You're not going to be able to use the server script as-is because it's kind of dependent on other parts of the project. You're not going to be able to read the server script as-is because it's Python. [Also in the full version you can change your authentication realm, and users in the special '_administrator' realm can log in to anyone's site.]
- nobackwards Internet Explorer compatibility code in the Javascript
- on successful authentication, 'validate' returns 204 No Content. on unsuccessful authentication, server returns 400 Bad Request.
- Z
server-side script and database layout Notes:
- does not require any hooks in your HTML code; just make sure your form has fields named 'username' and 'password' and import the Javascript
- can be attached to any form with an access-restricted target; script will pre-authenticate and, if successful, send the rest of the form as usual.
- You're not going to be able to use the server script as-is because it's kind of dependent on other parts of the project. You're not going to be able to read the server script as-is because it's Python. [Also in the full version you can change your authentication realm, and users in the special '_administrator' realm can log in to anyone's site.]
- no
- on successful authentication, 'validate' returns 204 No Content. on unsuccessful authentication, server returns 400 Bad Request.
- Z
10/26/2007 00:42 #41808
picking a scabYou know, I just can't fucking leave well enough alone. This morning (e:paul) mailed me a short Surebert script to do logins, which works, yet I'm still hacking this HTTP auth problem. Stay The Course, right?
But I got it solved. 1: Never send 401 Unauthorized without a WWW-Authenticate header. It's not allowed, and you'll get what you deserve. RFC 2617 briefly mentions using 400 Bad Request to report miscellaneous failures to the browser, and sure enough, that resets Safari. 2: If the script detects a failure, send another request to the same URL using a bogus username. This will of course fail, resetting Firefox in the process [thanks (e:kookcity2000)]. I think that's a gruesome hack, but if it works it works.
Why do I care about HTTP authentication? Most importantly, I want to support authenticated, noninteractive web services [specifically an authenticated RSS feed]. Since this code will have to live in my server somewhere, I might as well get some mileage out of it. HTTP Digest is often overlooked but it's a nice middle ground between static hashes [which are plaintext-equivalent] and full-blown encryption [CPU load].
Source code available upon request.
- Z
But I got it solved. 1: Never send 401 Unauthorized without a WWW-Authenticate header. It's not allowed, and you'll get what you deserve. RFC 2617
briefly mentions using 400 Bad Request to report miscellaneous failures to the browser, and sure enough, that resets Safari. 2: If the script detects a failure, send another request to the same URL using a bogus username. This will of course fail, resetting Firefox in the process [thanks (e:kookcity2000)]. I think that's a gruesome hack, but if it works it works.Why do I care about HTTP authentication? Most importantly, I want to support authenticated, noninteractive web services [specifically an authenticated RSS feed]. Since this code will have to live in my server somewhere, I might as well get some mileage out of it. HTTP Digest is often overlooked but it's a nice middle ground between static hashes [which are plaintext-equivalent] and full-blown encryption [CPU load].
Source code available upon request.
- Z
news - 10/26/07 09:34
You could easily implement that with my javascript method. It is using javascript to md5 the data before sending. If you sent some salt from the server you could easily mix that in too and have a total custom blend.
Are you getting Leopard jitters yet!!
You could easily implement that with my javascript method. It is using javascript to md5 the data before sending. If you sent some salt from the server you could easily mix that in too and have a total custom blend.
Are you getting Leopard jitters yet!!
zobar - 10/26/07 08:29
The problem with cleartext and Basic is well-known: you can recover the password. md5 is better because you can't recover the original password. But the server never asks for the original password. It asks for md5(password), which is passed around in cleartext on the wire.
With HTTP Digest, the server sends a random session nonce to the client. The client adds its own random request nonce and sends back (r-nonce, md5(password, s-nonce, r-nonce)). The effect is that the hash that's sent to the server is different for every request. There's actually more that goes into it that also prevents someone from using an old hash.
Will clean up code & post this afternoon.
- Z
The problem with cleartext and Basic is well-known: you can recover the password. md5 is better because you can't recover the original password. But the server never asks for the original password. It asks for md5(password), which is passed around in cleartext on the wire.
With HTTP Digest, the server sends a random session nonce to the client. The client adds its own random request nonce and sends back (r-nonce, md5(password, s-nonce, r-nonce)). The effect is that the hash that's sent to the server is different for every request. There's actually more that goes into it that also prevents someone from using an old hash.
Will clean up code & post this afternoon.
- Z
news - 10/26/07 00:49
HTTP digest is essentially md5 encryption. :::link:::
Can you post the source so we can see it or send it to me.
HTTP digest is essentially md5 encryption. :::link:::
Can you post the source so we can see it or send it to me.
You have GOT to answer her in the affirmative, but tell her your motor oil plan got nixed in favor of olive oil.
HAAAAAA!
That's awesome.
I can't decide whether that message sounds incredibly juvenile, incredibly naughty, or both.