Archive for the ‘Musings’ Category

Just for fun I thought I’d put up a list I found of Instant Messenger shorthand codes and emoticons.  This may be helpful to some of my older friends who are new to messaging.  Some of these are rarely seen and may have already been forgotten.

  • 4VR  –  Forever
  • AYT  –  Are You There?
  • B  – Bye
  • BBFN – Bye Bye For Now
  • BBL – Be Back Later
  • BBS – Be Back Soon
  • BCNU – Be Seeing You
  • B/F – Boyfriend
  • BRB – Be Right Back
  • BTDT – Been There Done That
  • BTW – By The Way
  • BYKT – But You Knew That
  • CU – See You
  • CYA – See Ya
  • CUL8R – See You Later
  • FTL – For The Lose
  • FTW – For The Win
  • GTG – Got To Go
  • G/F – Girlfriend
  • HHOK – Ha Ha, Only Kidding
  • HW – Homework
  • IBCNU – I’ll Be Seein’ You
  • IDK – I Don’t Know
  • IIRC – If I Recall Correctly
  • IMHO – In My Humble Opinion
  • IMO – In My Opinion
  • J/K or JK – Just Kidding
  • LJBF – Let’s Just Be Friends
  • LTNS – Long Time No See
  • LOL – Laugh Out Loud
  • LUL – Love You Lots
  • MYOB – Mind Your Own Business
  • NEWAY – Anyway
  • ROFL – Rolling On the Floor Laughing
  • TOM – Tomorrow
  • TTFN – Ta Ta For Now
  • TTYL – Talk To You Later
  • TNX or TKS – Thanks
  • W1M – Wait One Minute
  • WUZ UP – What’s Up?
  • YT – You There?

Emoticons

  • :-) Smiley face
  • :-( Frowny face
  • :'-( Crying
  • ;-) Winking
  • :-, Smirking
  • :-0 Yelling
  • :-/ Skeptical
  • :-\ Undecided
  • :-* Oops
  • :-& Tongue Tied
  • ~:-( Angry
  • :-B Drooling
  • %-) Braindead
  • |-O Yawning
  • |~( Steamed
  • >-< Livid
  • :-D Laughing
  • |-D Laughing bigger
  • :-| Indifferent or Grim
  • :^D Great!
  • |-P Yuck
  • :-P Tongue Out
  • :-> Sarcasm
  • >:-> Devilish Remark
  • >;-> Lewd Remark
  • :-o Wow
  • :-< Very Sad
  • :-O Shock, Oh Noes!
  • :-T Trying not to laugh
  • :-X Lips are sealed
  • :-c Unhappy
  • |:{ Disappointed

Feel free to comment more below!


Old Games

I’ve been thinking about putting together a Windows 95 machine to play and archive some of those old games I loved when I was a kid.  I have yet to find time to do that, but for my friends who might be interested, here is a list of some of the games I’ve played, with the dates they came out, the OSes they were made to run on, and their developers and publishers.

Old Game Dates:
Date Published, Name, Developer, Publisher, (Engine)
<games I played but no longer own>
[relative games I’ve not played]

1992
o    March Windows 3.1x
1993
o    Sept 24, Myst, Cyan Worlds, Broderbund
1994
o    The Journeyman Project Turbo, Presto Studios, Sanctuary Woods
o    <Relentless: Twinsen’s Adventure, Adeline Software, Activision>
1995
o     August Windows 95
o    The Journeyman Project 2: Buried in Time, Presto Studios, Sanctuary Woods
o    Lode Runner Online: Mad Monks’ Revenge, Presage, Sierra Online
o    Torin’s Passage, Sierra Online, Sierra Online
1996
o    May 31, Lemmings Paintball, Visual Science, Psygnosis
o    <Oct 31, Lords of the Realm II, Impressions Games, Sierra Online>
1997
o    Jan 2, Diablo, Blizzard North, Blizzard Entertainment
o    Oct 29, Riven: The Sequel to Myst, Cyan, Broderbund
o    Nov 24, Diablo: Hellfire, Synergistic Software, Sierra On-Line
1998
o    June Windows 98
o    The Journeyman Project 3: Legacy of Time, Presto Studios, Red Orb
o    Starship Titanic, The Digital Village, Simon & Schuster Interactive
o    <Nov 30, Baldur’s Gate, BioWare, Black Isle Studios/Interplay, Infinity Engine>
o    Dec, King’s Quest: Mask of Eternity, Sierra Studios, Sierra Studios
o    Dec 31, Lords of Magic, Impressions Games, Sierra Entertainment
1999
o    June 30, Dungeon Keeper II, Bullfrog Productions, Electronic Arts
o    Nov 19, The Longest Journey, Funcom, Funcom (Norway)
o    Sept 25, Prince of Persia 3D, Red Orb Entertainment, The Learning Company
2000
o    April 28, Lemmings Revolution, Take-Two Interactive, Psygnosis
o    June 29, Diablo II, Blizzard North, Blizzard Entertainment
o    Oct 6, American McGee’s Alice, Rogue Entertainment, Electronic Arts
2001
o    Oct. Windows XP
o    May 7, Myst III: Exile, Presto Studios, Ubisoft
o    June 9, Diablo II: Lord of Destruction Expansion, Blizzard North, Blizzard Entertainment
o    August 21, Arcanum: Of Steamworks and Magick Obscura, Troika Games, Sierra Entertainment, Arcanum Engine
2002
o    June 18, Neverwinter Nights, BioWare, Infogrames/Atari, Aurora Engine
o    Dungeon Siege, Gas Powered Games, Microsoft Game Studios, custom engine
2003
o    [Nov 11, Uru: Ages Beyond Myst, Cyan Worlds, Ubisoft]
o    Nov, Dungeon Siege: Legends of Aranna, Gas Powered Games, Microsoft Game Studios
o    Nov 30, The Prince of Persia: The Sands of Time, Ubisoft Montreal, Ubisoft
2004
o    Sept 29, Myst IV: Revelation, Ubisoft Montreal, Ubisoft
o    Dec 2, The Prince of Persia: Warrior Within, Ubisoft Montreal, Ubisoft
2005
o    August 16, Dungeon Siege II, Gas Powered Games, Microsoft Game Studios, custom engine based on Dungeon Siege
o    [Sept 20, Myst V: End of Ages, Cyan Worlds, Ubisoft]
o    Dec 1, The Prince of Persia: The Two Thrones, Ubisoft Montreal, Ubisoft
2006
o    March 21, The Elder Scrolls IV: Oblivion, Bethesda Game Studios, Bethesda Softworks
o    [April 20, Dreamfall: The Longest Journey]
o    Nov. Windows Vista
2007
o    June 5, Tomb Raider Anniversary, Crystal Dynamics, Eidos Interactive
2008
o    April 8, Assassin’s Creed, Ubisoft Montreal, Ubisoft, Scimitar Engine
o    Sept 16, The Witcher Expanded Edition, CD Projekt Red Studio, Atari, Aurora Engine
o    [Dec 9, Prince of Persia, Ubisoft Montreal, Ubisoft, Scimitar Engine]
2009
o    Jan 13, Mirror’s Edge, EA Digital Illusions, Electronic Arts, Unreal Engine 3
o    July 3, Trine, Frozenbyte, Southpeak Interactive


An IDE for Php

Php is a good language, open and functional for server-side scripting.  But, being a scripting language, it is loosely typed and does not force you to use functions.  This makes it very easy to write bad Php code if you don’t keep certain paradigms strictly in mind while writing.  To aid good programmers in this endeavor, here are some IDEs for Php compared.

  • NetBeans – free, available as Php only edition
  • Dev-Php – free, open source
  • Eclipse Pdt plugin – free, currently (as of this date) not compatible with Eclipse Ganymede edition.
  • Komodo – $29.95 personal, $299.95 professional
  • Php Designer – free personal, $55.00 professional
  • PhpEd – $119.00
  • PhpEdit – $89.00
  • ZendStudio – $99.00 basic, $299.00 professional

Now, I personally appreciate free software, so NetBeans is my prime choice, followed by Dev-Php.  I have Eclipse Ganymede, so Pdt won’t work for me, and I’m certainly not going to pay for something that I don’t really need.

You can also edit Php in any text editor, including vanilla Notepad. But this can easily lead to bad code.  Still, there are some nice editors, like Notepad++, that do more for you (syntax checking) than Notepad.  For a list of these, go here.

For more information on some of those above, see this page.


Wikipedia’s explanation of SQL injection attacks is quite good, but it can be a little technical for the total newbie. So I came up with this way to explain it for my less technical friends and family.

First an analogy:
Suppose you’re playing a word game, like MadLibs, and I ask you for a word or phrase to fill in this sentence:

“This _____ is delicious.”

Now, if you give me the word “cookie”, everything is fine, but if you should fill in the blank with this phrase:

“sucks. Your mother” then the sentence takes on a much nastier meaning.

In the real world:
SQL (structured query language) is a language, similar to English, that is used to control databases. Sentences like:

“SELECT * [all] from cookies_table where Type='chocolate-chip' ;”

or

“DROP TABLE cookies_table;”

are provided to the database software to change the way the database looks and acts.

When creating a database for a website that has users and passwords (and potentially credit-card information), programmers need to create queries that have blanks in them (much like MadLibs). If you’re asking for the password of a user so that you can compare it to their given password, you only know what user to look for once that person has told you their user-name (after typing it into the webpage). So programmers create SQL sentences with blanks in them like this: 

“SELECT Password from table_of_names&passes where Username='___________' ;”

When the username is filled in, this sentence tells the database to return the password of the username provided.

 

This works fine as long as the nice user types in johnny or uroscion as their user-name.  But should a bad user type in this:

“x'; DROP TABLE table_of_names&passes” in the textbox, the whole sentence looks like this:

“SELECT Password from table_of_names&passes where Username='x'; DROP TABLE table_of_names&passes' ”

This causes the database not merely to return the password of user 'x' (it doesn’t matter if there is an 'x' user or not), but to delete that whole, important table immediately after returning the value.  This is called an SQL injection attack, because SQL was injected into an existing sentence. Bad hackers use these vulnerabilities, when they find them, to wreak havoc on good people’s databases.

They can also use them to get information they shouldn’t have access to. If the original sentence looks like this:

“SELECT * from table_of_names&passes where Username='_____' and Password='______' ;”

it should display only the user’s information and only if the name and password they provide match those in the database. But if the bad hacker types this into the textbox:

“anyName' or 'T'='T';”

the sentence now reads:

“SELECT * from table_of_names&passes where Username='anyName' or 'T'='T';” (the rest: and Password… will be ignored by the database).

This sentence says to return the user information where the username is 'anyName' or where True is equal to True. This will cause the database to select and return all information of all users, since true is always equal to true in every row. If the software is written poorly, it could display all of this information, rather than just the one user’s, and that information could contain everyone’s credit-card numbers, phone numbers, etc.

So how do good hackers protect against these injection attacks? Well, the first thing to do is not write badly formed queries (sentences) like the ones above. Queries should return only the needed information and authenticate on only one input at a time, and more than one row of information should never be displayed.  But since blanks will always be necessary in some form, the next thing to do is not allow users to input those special words that make up SQL sentences. This means escaping those special words (finding every special word and putting a character in front of it that makes it ignored by the database), actively scanning through the user’s input and removing any special characters or words (like ‘=’ or ‘;’), and restricting the length and amount of input the user can provide (by checking on the server, not with JavaScript or by restricting textbox sizes in HTML, all you programmers!).
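The fill-in-the-blank query from above next to a hardened version, as an added example that is not part of the original post. It uses Python's sqlite3 module and a parameterized query, a technique the post does not name; the users table, its sample rows, the function names and the 32-character limit are assumptions made for the example.

```python
import sqlite3

MAX_USERNAME_LEN = 32  # assumed limit for this example


def make_db():
    # Constructed sample data standing in for the post's table of names and passwords.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (Username TEXT, Password TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("johnny", "pw-one"), ("uroscion", "pw-two")])
    return db


def lookup_vulnerable(db, username):
    # The post's sentence with a blank: the input is pasted straight into the SQL.
    query = "SELECT Username FROM users WHERE Username='" + username + "'"
    return [row[0] for row in db.execute(query)]


def lookup_hardened(db, username):
    # Server-side length check, as the post recommends.
    if len(username) > MAX_USERNAME_LEN:
        raise ValueError("username too long")
    # The ? placeholder passes the input as a value, never as part of the
    # sentence, so quotes and semicolons in it cannot change what the query does.
    rows = db.execute("SELECT Username FROM users WHERE Username=?", (username,))
    return [row[0] for row in rows]


def users_table_exists(db):
    row = db.execute("SELECT count(*) FROM sqlite_master "
                     "WHERE type='table' AND name='users'").fetchone()
    return row[0] == 1


# The post's two inputs, adapted to the sample table (the first without its
# trailing ';' because sqlite3's execute() accepts only one statement per call).
TAUTOLOGY = "anyName' or 'T'='T"
DROP_INPUT = "x'; DROP TABLE users"

if __name__ == "__main__":
    db = make_db()
    print("vulnerable:", lookup_vulnerable(db, TAUTOLOGY))  # every user
    print("hardened:  ", lookup_hardened(db, TAUTOLOGY))    # no match
    print("hardened:  ", lookup_hardened(db, DROP_INPUT))   # no match
    print("table still there:", users_table_exists(db))
```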

So now you have a pretty complete, if non-technical, understanding of SQL injection attacks.  If you’d like to learn more, check out Wikipedia’s article on this, and the links provided there.
