trog's haus

Ever looked at a link to a file online and wanted to find out how big the file is? Sure, if you’re hardcore you can fire up a command prompt and just do “wget –spider –debug [url]” or whatever, but surely you should just be able to right click on it and go to Properties and get a file size, just like in Windows, right?!

Well, the Extended Link Properties add-on fore Firefox is what I’ve always used to do exactly that. Unfortunately it hasn’t been updated for a billion years and doesn’t work in newer versions of Firefox.

I’ve been using the Nightly Tester Tools to force compatibility (because it’s just a version requirement) but I finally got bored with it constantly breaking every new Firefox version. I’ve dissected the add-on and re-built it into a new XPI which I have dubbed ‘Extended Link Properties v1.2.4′.

Anyone wanting to download it can do so here (md5sum: 03e3e278c2d8b921401cf1a8b68efc45), though you’ll need to manually install it at the moment by downloading the .xpi file, then in Firefox simply go to the File Menu then hit Open File and browse to the XPI. You’ll get the usual notice.

I have emailed Torisugari, the original developer of the add-on, to see if he’s still around. I’ll try and get it on the official extension site at some point if he replies.

Update: Torisugari has replied and pointed out the file is tri-licensed already under MPL/GPL/LGPL. He also points out that this extension will only useful up to version 3.5.x of Firefox – after that the Firefox developers have decided to remove support for the Properties dialog. If you use Properties and/or Extended Link Properties, you should head over and add your voice to that bug report.

As a result of that I’ve changed the v1.2.4 build of ELP that I put together to only support up to v3.5.x of Firefox.

I’ve been getting the following email to a few email addresses:

Hi Everyone,
Alltern8 (www.alltern8.com) is gathering together a group of dedicated experts in MMO Games, LARP & Ren Faires, Tabletop and Collectible Card Games, Tabletop Wargames, PC & Console Games, Comics/Graphic Novels, Cosplay/Memorabilia, and Indie Music & Film to hire a brand new blogging and writing network! This is your chance to make your voice heard about the games you love to play and the events you love to attend.

… and so on in that manner. The subject is ‘Alltern8.com is hiring Writers & Bloggers’.

On the surface it seems like a legitimate email that I might have (inadvertently) signed up for. But I’ve never been to their site before, or heard of it. I have almost every single website sign-up email I’ve ever been sent – since 1999 – and I don’t have one from their site.

I look in the footer of the email where the unsubscribe options are, and I see this:

Alltern8.com only emails to addresses collected via it’s own site or one of it’s associated partner sites, we take SPAM seriously so please unsubscribe by replying with the subject UNSUBSCRIBE and you will no longer receive mails from us. This is the quickest way to stop getting mail via our site.

So maybe it was an associated partner site I signed up to. Possible.

But then – something happened! I got the exact same email to a QGL mailing list, which has long been targeted by actual real spammers.

Now the most likely scenario has changed. I think they’re spammers. I’ve replied to their email (for reference, always a foolish thing to do, because it can simply just highlight the fact that your email address is still active and ripe to be spammed).

It’s an interesting issue. If I was less anally retentive about emails I get and where they come from, I would have just accepted this as something I signed up for and moved on. So much spam I get these days just has a similar footer, a we’re-so-innocent routine that is rapidly becoming tiresome – “oh, you must have signed up for something with us at SOME point, how ELSE would we have gotten your email.

I’ll be making sure that we accurately track sign-up information so when users want to know why they got a newsletter, we can say “well, you can see right here that on the 15th of May 2009, you created an account and left the ’subscribe to newsletter’ checkbox ticked!”

edit: Shortly after posting this, someone from alltern8.com replied – check the comments for their thoughts.

We regularly get people asking us about issues (real and imaginary) on our websites. There are a variety of frustrating ways users can report problems with websites, including the favourite classic – “it doesn’t work”.

If you’re ever on a website and it has a problem or something isn’t working as expected, you should definitely take the time to report it. Problems often can go completely unnoticed by the development team, especially on large websites, and it’s only when they’re actually brought to someone’s attention that they are fixed.

However, if you are going to report a problem with a website, then there’s a couple of things you should try to remember to include, at an absolute bare minimum, to help the people at the other end know what you’re talking about:

1) A URL. This is the bit of text in the address bar that shows what page you are on. It looks like http://www.sitename.com/pagename/, and without it the site developers will probably have no idea what you’re talking about.

2) Some information about what you were doing at the time. Even simple things like saying what you clicked on or what you were reading can provide useful information.

3) Information about your computer, including what web browser you’re using (if you don’t know, it’s probably Internet Explorer) and what operating system you’re running.

Anything else you can add would be gravy, but including this data will greatly help anyone that is reading your request try to figure out how to help you!

I have never figured out the RPM package management system. It’s mostly because I haven’t tried hard, but it still makes me feel like a moron.

Every now and then I stumble across a package that, for whatever reason, is only distributed in .rpm form. Right now I wanted to install nano on godaddy.com’s shared hosting (because I’m also too lazy to learn vi), and the easiest way I could think of was to nab the .rpm and just rip out the nano binary.

Turns out this is really easy from a Linux shell:

# rpm2cpio [rpm filename] | cpio -idv

Another victory for laziness! It spewed out a bunch of stuff, I nabbed the nano binary, threw it on my godaddy shared hosting using wget via ssh, and now I have a fully functional and awesome editor (no matter what anyone tells you).

My GPG installation (Windows binaries, some ancient version) has worked flawlessly for several years, but I just went to run my usual mail backup script after some minor changes – I installed enigmail for Thunderbird. This act, or some related act, appeared to mess up something in my keyring.

At first I thought it was that it had unsigned my keys, but a closer look indicated it was something to do with the trust database. I thought this would be a trivial problem to solve (ie, I’d be able to Google the error message and be given a nice, simple howto to follow), but I was surprised – there was a bunch of useless stuff.

Anyway, the warning appears to be related to there being no ultimately trusted key (funnily enough). That is, you haven’t specified a “root” key that you have declared as the one that you trust to make all other decisions (I’ve had 4 beers and might not be articulating the purpose of this well).

However, the fix is pretty simple. You just need to specify your key as “ultimately trusted”.

The easiest way to do this (assuming you are using GnuPG command line like I am) is to just edit your key and make it trusted:

1) gpg –edit-key [your key id]
2) select the key (I just typed ‘1′ and hit enter; you can confirm by typing ‘list’
3) type ‘trust’ to change the ownertrust
4) select option 5, “I trust ultimately”, then say ‘yes’ to the confirmation
5) type ‘quit’

…and you’re done.

The Giganews Accelerator is a free Windows application distributed by Usenet provider Giganews to provide compressed, encrypted header downloads. It also provides in-built speed control and some statistics about connections.

I recently used it to download the full list of headers from alt.binaries.games (I accidentally blew away all the AusGamers NZBs from our file server and needed to recreate them), which worked out to be around 9gb of data (once stuffed into a MySQL database).

My header retrieval script estimated it was going to take about 30 hours from start to finish. I recalled something about compressed headers and did some Googling and found this, and then tried it out – the new estimate was less than 10 hours, and I think it actually finished faster than that (I left it running overnight and it was done by the time I got up).

There’s a couple of annoying things about it:

1) There’s only a Windows version. A Linux version would have saved me heaps of dicking around (my header stuff usually runs on Linux on an AusGamers server, so I had to move the whole thing onto my work box and Windowsify it all).

2) The Windows version will only listen on localhost. There’s no way to make it listen on all IPs for a box, so you can’t (for example) run it on a Windows box and connect to it from some other box (which would have obviated the need for number 1, at least for me in this particular scenario, as I have a Windows server I could have used).

I tried a few things I found – notably, netsh for Windows, which looks really handy but deserves another post all on its own, if only for the fact that it’s advertised purpose doesn’t seem to actually work on Windows XP because of some bug.

Overall though, if you’re doing anything on Usenet that involves getting a lot of headers, getting this thing working is pretty handy.

A while back, ANZ offered me the opportunity to receive some of my statements as ‘e-statements’. While I fully approve of the move away from paper, I must confess I was slightly disappointed to find out that they’d be emailing me notices about these e-statements – one of the big reasons I think Australia (or at least, ANZ) has done well in the fight against phishing is because they’ve simply not ever sent any emails out, ever. Contrast this to a US bank (Wells Fargo) – within days of signing up I’d received a huge variety of emails, making it easy to see why so many US citizens get scammed so easily.

I typically ignore these emails but as part of my ever-growing interest in how email works and how people use it, I checked out my most recent one, and was interested to see the following disclaimer in the email footer:

ANZ does not guarantee the integrity of this communication, or that it is free from errors, viruses or interference. As email is transmitted via the Internet, which is an unsecure environment, ANZ cannot ensure that an email is not interfered with during transmission.

Clearly they’ve never heard of public cryptography! Of course, even if they had, and the email was encrypted and/or digitally signed, that last sentence wold probably still exist from a sheer cover-their-ass perspective.

Still, I’m looking forward to the day when my bank (and other sites) let me enter in my public key as part of my account settings so all correspondence from them can be encrypted. I’m continually surprised that so few sites do this. I’m keen to integrate something like this into AusGamers – not that we really need it, but just because I think it would be cool to do.

It should be noted though that their emails include /no/ links at all and are sent in plain text.

I went to www.birch.com.au the other day to look up some timetables and they’ve replaced it with a new loud glary site that I couldn’t get working instantly. I turned off Javascript and found they have a mobile site as well, which is at http://m.greaterunion.com.au – it offers a really simple interface to quickly get timetables for their cinemas all across Australia.

Except, as jadz0r points out, it appears to be subject to XSS vulnerabilities, so use at your own risk.

Astroturfing (the practice of companies pretending to be ‘regular people’ and posting product or service recommendations on forums or blogs) is becoming a big issue. It’s becoming an increasing pain in the ass for us on AusGamers – as our site grows, we get more people drifting in from search engines on random keywords trying to pimp various products.

Unfortunately for this particular campaign – which is surprisingly subtle, giving the sheer obviousness of most of the others we get – it’s going to backfire, because I’m trying a new strategy. Rather than just blowing the whole post away, I’ve posted a link to a competitor.

We’ve been thinking for a while how to stop things like this. The most obvious strategy is to simply not allow new users to post URLs. This is what we’ll probably end up doing – before a user is allowed to post a URL, they must have at least (say) 10 regular posts to prove they’re actually interested in contributing to the community. The number will probably have to be tweaked a little.

There’s a bunch of other ways – approving first posts by new users, stopping them from creating new threads altogether, etc. At the end of the day I think the require-some-posts method works for us because we want to encourage a community of active users that regularly post useful information, and post counts is a simple (if not completely accurate) method of deriving some base level of trust – if they’ve got 100 posts, they’re more likely to be useful (simply because they haven’t been banned for astroturfing).

After reading Hogfather’s post in this forum thread about people recording stuff off the radio it occurred to me that people probably don’t know how to do it in this new era of digital streaming radio.

Be aware that this is almost certainly not fair use and almost certainly is a violation of copyright. It is here for educational purposes only. I personally use this if there’s a song on the radio that I want to remember to look up later so I just grab a little bit of the lyrics so I can Google for it later to find out what song it is.

Here’s how to do it (you will need some familiarity with using the command line):

1) Get wget. I’ll assume you’re using Windows, so go to the wget for Windows page and grab the latest version.

2) Go the TripleJ website and look for the ‘Listen Live’ box which has the MP3 stream link.

3) Right click the link and save the file (triplej.m3u) to your computer.

4) Open that file in a text editor like notepad – it will just contain a single line, which will be a HTTP URL to the mp3 audio stream (at the time of writing that URL is http://202.6.74.107:8060/triplej.mp3).

5) Open your command prompt and invoke wget with that URL (or the URL in the file, if it’s different, obviously) as the parameter:

wget http://202.6.74.107:8060/triplej.mp3

This will start downloading an mp3 file which is a recording of what is playing on the Triple J stream.

WARNING: If you don’t stop it downloading, that file will grow to be huge. It will keep downloading as long as the stream is active. Just hit CTRL-C to stop it downloading once you’ve recorded the section of the song you want.