I posted BBMRTG v1.7 to deadcat this afternoon. It’s been tested on Big Brother and Hobbit, a GPL’d replacement for BB. This version includes Jim Johnson’s support for MRTG’s Factor parameter, and a couple of bug fixes from Dan McDonald.

Yesterday, I posted more info on the Firefox IDN issue along with a couple of additional work arounds to address the issue of the state of the enableIDN flag not being properly changed, even though it shows as being false. I had originally included a link to an extension that has been written to disable IDN permanently, but on the two machines I tested it on, Firefox wouldn’t load properly once the machine was rebooted. For those who just want things to work, I’d recommend against using the extension.

Editing the compreg.dat file manually works, as does installing the nightly build of Firefox, which is the option I chose since I already had to re-install the app to fix the load problem.

For those wanting to experiment, the extenstion is available here: http://friedfish.homeip.net/extensions/no-idn.xpi.

Forty years ago today the Canadian flag was inaugurated on Parliament Hill. Colin posted an interesting link over on Globecord to the Department of Canadian Heritage’s flag etiquette guide.

Netcraft reports that the Mozilla Organization is planning to disable International Domain Names (IDN) in the default configurations of the Firefox and Mozilla browsers, in an effort to limit the effectiveness of phishing attacks that might exploit the recently publicized flaw in IDN.

Last week I posted a comment about this, and what I thought at the time was a valid workaround for disabling IDN. Setting enableIDN to false it isn’t effective on all Firefox browsers; the nightly build code has fixed this. When I tested the browser on my notebook, it failed Secunia’s spoof test. According to the MozillaZine forum thread about the IDN issue, you can also disable IDN by commenting out all references to IDN in your compreg.dat file. This worked for me.

[Link to an extension to disable IDN removed, see later post.]

Joel Webber has posted a good overview of how maps.google.com works on your browser.

Google announced Google Maps today on their blog. The latest addition to their technology merges their search capability with a graphic layout of results on maps.

My first impression is that it’s a easier to use than Mapquest is, although the local maps will need some updating. No one refers to the 401 as the MacDonald Cartier Freeway, and the other 400 series highways appeared to be missing labels completely.

Getting directions to a location was a breeze - the one line address entry is much easier to use than the form boxes on Mapquest. Google understands searching well enough to be able to get the address right if it’s entered in standard address,city,prov/state format. It wasn’t flawless though (not that I’d expect a new beta product to be flawless). The directions in the small sample of tests I ran were pretty good, but not always the most direct. I didn’t see a way to convert distances from miles to kilometres either.

The business search is excellent. “Butchers in Pickering ON” produced a list of 10 butchers within a few km of home, all displayed on a the local map. Keyed icons linked locations to business details in the sidebar. The search was easily narrowed by giving it a more specific location, such as “pizza near Don Mills Rd and Sheppard Ave in Toronto”. This is a great tool.

I shipped a preview of the next release of BBMRTG to the folks who contributed changes. This release contains only a couple of fixes, but a fair amount of work was done cleaning out unused code and standardizing the code. More work remains for the next release. The biggest change is the documentation overhaul. The bulk of it was moved from inline comments to the POD. Some may prefer the inline documentation, but I found it fairly messy to read.

There still remains some trouble with reporting disk usage on iSeries machines, although I’m not entirely sure what’s wrong just yet.

I hope to post the next version to deadcat later this week, or early next week.

A security risk in International Domain Name [IDN] support was announced at Shmoocon this past weekend. The attack works on most browsers other than Microsoft IE (which doesn’t support IDN unless a plugin has been installed).

The Shmoo Group has a proof of concept page up demonstrating how a browser can appear to load paypal.com. The exploit works for both normal and SSL enabled sites.

The fix for Firefox is straight forward:

1. Navigate to about:config in Firefox (enter it in the address bar).
2. Enter network.enableIDN in the filter bar.
3. Double click the entry for network.enableIDN if it’s value is currently true. It should be bold when false/disabled.

Once IDN is disabled, the proof of concept will fail with an error that the site can’t be loaded.

[update 2005-02-15 - This fix is not 100% reliable, see my later post.]

I noticed last night that most entries here were still set for ‘registered_only’ commenting, so I updated everything to ‘open’. Sure enough I look here this morning and I’ve been spammed once again. I made a silly mistake in the patch I produced a month ago. A regex compare of a blank string against another string always matches resulting in a blank validation code always working. Since the spammers aren’t even sending the code, they’re posts worked fine. It’s fixed now.

Some astronomers are proposing that a new telescope be built instead of repairing the Hubble space telescope. The new craft, called the Hubble Origins Probe, would be developed using technology similar to the current Hubble but with updated materials. In some cases spare parts from the existing telescope would be used. It’s estimated it would cost under a billion dollars and about 65 months to build.