Please enter your username below and press the send button.A password reset link will be sent to you.
If you are unable to access the email address originally associated with your Delicious account, we recommend creating a new account.
This link recently saved by hjl on October 24, 2012
You love your Kindle, but you hate the DRM. What do you do? Well, if you like, we’ll tell you how to strip the copy-protection from your e-books, leaving a plain, vanilla e-book file in the format of your choice. This doesn’t just work for Kindle book, either. The method, detailed by Apprentice Alf, will also remove DRM from Mobipocket, Barnes and Noble, Adobe Digital Editions and Fictionwise books, making these stores much more attractive to buyers.
This link recently saved by hjl on September 19, 2010
An attacker using this vulnerability can request and download files within an ASP.NET Application like the web.config file (which often contains sensitive data), also decrypt data sent to the client in an encrypted state (like ViewState data within a page).
A cryptographic oracle is a system which provides hints as you ask it questions. In this case, there is a vulnerability in ASP.NET which acts as a padding oracle. This allows an attacker to send cipher text to the web server and learn if it was decrypted properly by examining which error code was returned by the web server. By making many such requests the attacker can learn enough to successfully decrypt the rest of the cipher text.
A workaround you can use to prevent this vulnerability is to enable the <customErrors> feature of ASP.NET, and explicitly configure your applications to always return the same error page - regardless of the error encountered on the server
This link recently saved by hjl on July 26, 2010
Full text of book. "The examples used to teach the tools include guessing integrals without
integrating, refuting a common argument in the media, extracting
physical properties from nonlinear differential equations, estimating drag
forces without solving the Navier–Stokes equations, finding the shortest
path that bisects a triangle, guessing bond angles, and summing infinite
series whose every term is unknown and transcendental."
scrape.py is a Python module for scraping content from webpages. Using it, you can easily fetch pages, follow links, and submit forms. Cookies, redirections, and SSL are handled automatically. (For SSL, you either need a version of Python with the socket.ssl function, or the curl command-line utility.)
scrape.py does not parse the page into a complete parse tree, so it can handle pages with sloppy syntax. You are free to locate content in the page according to nearby text, tags, or even comments.
This link recently saved by hjl on January 09, 2010
FindByEmail code released as open-source. You pass it an email address, and it queries 11 different public APIs to discover what information those services have on the user with that email address.
This link recently saved by hjl on August 21, 2009
Programmers are often methodical and precise beasts who do their utmost to keep their code clean and pretty. But when the chips are down, the perfectly-planned schedule is shot, and the game needs to ship, "getting it done" can win out over elegance.
In a case like this, a frazzled and overworked programmer is far more likely to ignore best practices, and hack in a less desirable solution to get the game out the door. We have here compiled nine testimonials from working developers, which chronicle times when they weren't quite able to follow the script and had to pull some tricks to save a project.
This link recently saved by hjl on July 28, 2009
"By now, most readers will be familiar with the local kernel exploit recently posted by Brad Spengler. This vulnerability, which affects the 2.6.30 kernel (and a test version of the RHEL5 "2.6.18" kernel), is interesting in a number of ways. This article will look in detail at how the exploit works and the surprising chain of failures which made it possible. ... Herbert's patch added a line which dereferences the pointer prior to the check. That, of course, is a bug. In the normal course of operations, the implications of this bug would be somewhat limited: it should cause a kernel oops if tun is NULL. That oops will kill the process which made the bad system call in the first place and put a scary traceback into the system log, but not much more than that should happen. It should be, at worst, a denial of service problem. There is one little problem with that reasoning, though: NULL (zero) can actually be a valid pointer address..."
This link recently saved by hjl on March 06, 2009
This link recently saved by hjl on March 06, 2009
Experimental protocol which takes advantage of the HTTP/1.1 Upgrade: header to turn one HTTP socket around. When a client makes a request to a server with the Upgrade: PTTH/0.9 header, the server may respond with an Upgrade: PTTH/1.0 header, after which point the server starts using the socket as a client, and the client starts using the socket as a server.