FireBug - A great new Firefox Extension for Web Developers...
I find this nifty Firefox extension over on the Digital Media Minute blog. The FireBug extension is basically a combination of a DOM Inspector, JavaScript Console and XmlHttpRequest packet sniffer—all wrapped up into a Sidebar component.
I haven't played around with it very much yet, but for a "pre-pre-alpha" seems to work very well. I did notice that the keyboard shortcut to show the sidebar, does not hide it if it's already visible. That's the only thing I've found so far.
Thunderbird-Tray v1.2 - Systray Launcher for Thunderbird
With the release of Thunderbird v1.5, I also found that I needed to update my version of Thunderbird-Tray from v1.1 to v1.2.
TB-Tray is a launcher for Thunderbird, which stays in memory and will "hide" Thunderbird to the systray instead of the taskbar. It actually has a lot of configurable options for a launcher. I've been using it in one form or another for almost a year. I really hate having my E-mail client show up in the taskbar. It's one of those applications that I almost always leave running and just don't see a need for it eating up a spot on my taskbar.
If you use Thunderbird, I'd highly recommend this application.
Thunderbird v1.5 Released!
Thunderbird v1.5 was released today. I use Thunderbird for my day job and have been anxiously awaiting the next release. Here's a break down of some of the new features from the Mozilla website:
Here's what's new in Thunderbird 1.5:
- Automated update to streamline product upgrades. Notification of an update is more prominent, and updates to Thunderbird may now be half a megabyte or smaller. Updating extensions has also improved.
- Sort address autocomplete results by how often you send e-mail to each recipient.
- Spell check as you type.
- Saved Search Folders can now search across multiple accounts.
- Built in phishing detector to help protect users against email scams.
- Podcasting and other RSS Improvements.
- Deleting attachments from messages.
- Integration with server side spam filtering.
- Reply and forward actions for message filters.
- Kerberos Authentication.
- Auto save as draft for mail composition.
- Message aging.
- Filters for Global Inbox.
- Improvements to product usability including redesigned options interface, and SMTP server management.
- Many security enhancements.
The Rumbling Edge has more detailed lists of new features and notable bug fixes.
Adaptive Path releases excellent Date Slider widget
The guys over at Adaptive Path have released a Flash-based Date Slider that can be controlled via JavaScript.
The Data Slider widget is pretty darn slick. What makes this Date Slider unique is that it is design to show a bar graph of results and you use the slider to narrow down to a specific date range. You could then use the selected range to zoom in on the data, or maybe show a detailed report history from that time frame. Here's a screenshot:
Microsoft releases "official" WMF patch
A follow up from my blog post on Wednesday. Looks like peer pressure really got to Microsoft. An official patch to the WMF vulnerability was released late yesterday. If you don't have your PC set to automatically update, make sure to go visit the Windows Update site (make sure you're using Internet Explorer) and patch your system ASAP.
So much for Microsoft sticking to their patch release schedule. Personally, I'm glad they didn't wait. They should be releasing patches as they're available. If corporations want to wait and release things on a schedule, that's fine, but let us contractors and personal users fix our computers as quickly as possible.
WMF Hotfix for nasty Windows vulnerability
This isn't exactly breaking news, but there's a very nasty bug in Windows 2000, XP and 2003 that has just recently been revealed being called the "WMF vulnerability." The bug has to do with a vulnerable function in GDI32.DLL library that can allow a malicious hacker/web site to install a virus/spyware on your computer.
What makes this bug extremely dangerous is any program that views images (such as Internet Explorer, Firefox, etc) is vulnerable.
Microsoft is claiming that there will not be an "official" patch for this bug until next week. However, this thing is nasty enough that everyone running Windows 2000, XP or 2003 should take some kind of action now.
New Version of Fiddler HTTP Debugging Proxy Available - Critical Security Update
I just noticed that there's a new version of Eric Lawrence's Fiddler HTTP debugging proxy available. This update claims to be critical security update and it's recommended you update immeditately.
For those of you who don't know, Fiddler is a great way tool for monitoring the HTTP traffic on your box. If you're doing any kind of RPC (web services, Flash remoting, AJAX) over HTTP, then this application is a must have.
Here's what's in the new version:
Cool Firefox Extension - foXpose
The Viamatic foXpose plug-in is an extension for Firefox v1.5 that will show all your open tabs in single window with thumbnail previews of the window.I've seen this blogged about a lot recently, but finally tried it out based upon an IM from Cameron Childress.
I was worried that the plug-in would be too CPU intensive, but it does really seem to negatively affect my performance in Firefox. Plus, it's really slick being able to see thumbnails of all my open tabs.
You can activate foXpose by either pressing [CTRL]+[SHIFT]+[X] or by clicking the pane icon in the lower-right hand corner of the window.
Possible Buffer Overflow Bug in Firefox v1.5
John Dowdell posted about a possible buffer overflow bug in Firefox v1.5.
I'm not sure why you wouldn't cap the document.title object at 256 or 1024 characters. There's really no reason why you should be able to dump that many chars into that property anyway.
So, if you find Firefox v1.5 is crashing everytime you start the application, try deleting your history.dat. Actually, I'd recommend renaming it to history.bak that way you don't lose everything if it doesn't fix the problem.
TIP: Adding "Command Prompt Here" Context Menu
I often find myself needing to open up a command line on a specific directory. Since Windows Explorer is almost always open on my machine while I'm developing, it makes perfect since that I'd want to use Windows Explorer to open up a command line prompt in a specific directory via the context menu. How can you do this you ask? You edit the registry.
This is not a new tip. It's been around since Windows 95. There's even been a Microsoft PowerToy that does this for every version of Windows, but essentially all it does is create some registry entries for you. I prefer manually editing the registry, as I then have complete control over how I want the listing to appear.
- Open regedit
- Navigate to HKEY_LOCAL_MACHINE/Software/Classes/Folder/Shell
- Create a new key called command prompt
- Your default value should be Command Prompt Here
- Create a new key called commandunder the command prompt key
- Your default value should be cmd.exe /k pushd %L
A FPS Shooter Example Using Firefox v1.5 Without Plug-ins!
I caught this on Blogzilla. If you have Firefox v1.5, this is very cool. The <canvas> tag looks pretty slick, but since only Firefox supports it, I can't see much use for it right now.
New in Firefox 1.5 is support of the <canvas> tag, which is a new HTML element that can be used to draw graphics using JavaScript. It's not SVG, even though it overlaps functionality with SVG.
Rafael Robayna has created a simple painter demo. A little more detailed is the first-person shooter demonstration.
While both are a little slow and not so smooth, it's still cool to see something like this is possible.
More on <canvas> tag:
Mozilla Developer entry for Canvas
Mozilla Wiki entry for Canvas
Firefox v1.5 Released
Firefox v1.5 is being released today. The website still says RC3 is the latest build, but you should see an official announcement later today (probably between 6pm-9pm EST.)
Eyetrack III - Revealing how user's view a web page...
I actually came across this article several weeks ago, but just never came around to blogging about it. Eyetrack III has released their results from their latest testings and the results are pretty interesting, but not exactly surprising.
In a nutshell, this survey tracked users and the movement of their eyes when viewing a web page. Here is a diagram of how most users tended to first scan a web page:
Browsershots.org - Website screen capturing service
A new free, community driven, web-based Browser Screenshot tool has been introduced called Browsershots.
The concept of Browsershots it to provide you screenshots of a URL you specify in a variety of different browsers and platforms. This is so you can verify that your pages are working correctly.
Browsershots uses a community computing to do all the processing of the screenshots. Users from around the world can load a client on their PC which will grab requests from the queue, process them and then upload the static images to the Browsershots web page. Since everything works off a giant queue, processing may take awhile--they suggest to keep checking the queue for up to 24-48 hours.
MD5 Collision Attack Code Released
I missed this on Slashdot (since I rarely read it anymore,) but thanks to Cameron's blog post I caught this piece of news. The first code has been released that shows how to find collisions in the MD5 algorithm. Essentially this means two completely different source files can be salted to produce the same string. In a nutshell, if you're relying on an MD5 hash to gaurentee the integrity of a file, you have problems—especially if you're relying on it producing unique, secure hash strings.
For a good layman explanation of the problem and the exploit, Magnus Daum & Stefan Lucks have published a really good article over at CITS titled Attacking Hash Functions by Poisoned Messages "The Story of Alice and her Boss".