I have this bad habit. It’s called starting books and never finishing them. I’ve done this with my last two books in a row: 1984 and Ender’s Game. Both are very good (so far) books that I’m interested in. Both are books that I’ve read the first few chapters of, then pretty much quit reading altogether. I think I have this habit because I read for leisure so infrequently that I just forget what I have and start new books when I actually do read.
Something to work on I guess.
One of these.
Partially because it clicks like a Model M, but also because I want to try out some new keyboards.
I’ve been using my standard Apple keyboards for a while, but something that has always bugged me is that on a Linux machine, in order to switch to a different virtual terminal, you have to hold the function key down as well as CTRL + ALT + F[1-9]. It makes it kind of awkward to do since function is clear over on the right-hand side of the keyboard near the arrows. Also, it doesn’t have an insert key. Before I started using my Apple keyboards on Linux machines, my go-to terminal paste was Shift+Insert. Now I usually CTRL+SHIFT+V or just middle click. I also just learned how to move text around in Vim instead of copy/pasting by highlighting/clicking.
I’ve known about this for quite a while, but I figured I should probably say something since it’s causing quite a stir at work:
Timthumb.php, a script that is included in thousands of custom web applications and used for resizing images, has a major security vulnerability. There is a range of vulnerable versions, but I’m not sure exactly what they are. The versions don’t really matter though. If you’re using anything under 2.0, then update ASAP. You can update by simply downloading the latest copy of timthumb.php (Note: right click > save link as… or you can just copy/paste. whatever), then replacing any outdated version of timthumb on your website with that new version.
“But, but, how do I know if I’m vulnerable or running an outdated version?” you ask?
Don’t worry, here are some useful Linux commands you can use to find out if you’re vulnerable (note: these are tuned to Bluehost / Hostmonster / Fastdomain, since that’s where I work, and that’s where I’ve tested):
This gives you a printout of every file named timthumb.php on your account. If you run this and don’t see anything then you’re probably safe.
find ~/public_html -type f -name timthumb.php
This shows you the version numbers and the locations of the files:
find ~/public_html -type f -name timthumb.php -print0 \
| xargs -0 grep -H VERSION | grep define
This deletes all files named timthumb.php (WARNING: may break your website):
find ~/public_html -type f -name timthumb.php -print0 | xargs -0 rm
This deletes all of your files (WARNING: will permanently delete your website(s)):
rm -rf ~/public_html/
Okay, on the last one (or two) I was just being sarcastic. Don’t use those.
I’ve been debating writing a script that will just automagically update all of your timthumb.php files to the latest version, but idk if there is really much interest in that. I could do it in about 30 minutes, probably.
DISCLAIMER: Don’t use any of the commands above without taking a backup of your account first. I am not responsible for any damages that may occur on your account.
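As an added example (not the author's script and not part of the original post), here is a read-only audit that applies the "anything under 2.0" rule above: it reports each timthumb.php with its version and a status, and changes nothing. The function names are hypothetical, the `define ('VERSION', '...')` line format is an assumption based on the grep above, and the sample tree and version numbers in `demo` are constructed.

```shell
#!/bin/sh
# Added example: audit timthumb.php copies against the "under 2.0" rule.

# Print the version from a file's define('VERSION', '...') line, or nothing.
# The exact define format is an assumption.
timthumb_version() {
    grep -E "define[[:space:]]*\([[:space:]]*['\"]VERSION['\"]" "$1" 2>/dev/null |
        head -n 1 |
        sed -E "s/.*VERSION['\"][[:space:]]*,[[:space:]]*['\"]([^'\"]*)['\"].*/\1/"
}

# Classify a version string as outdated (major < 2), ok, or unknown.
classify_version() {
    major=${1%%.*}
    case "$major" in
        ''|*[!0-9]*) echo unknown ;;
        *) if [ "$major" -lt 2 ]; then echo outdated; else echo ok; fi ;;
    esac
}

# Print "status<TAB>version<TAB>path" for every timthumb.php under $1.
# Paths containing newlines are not handled.
audit_timthumb() {
    find "$1" -type f -name timthumb.php -print | while IFS= read -r f; do
        v=$(timthumb_version "$f")
        printf '%s\t%s\t%s\n' "$(classify_version "$v")" "${v:-?}" "$f"
    done
}

# Constructed sample tree so the script runs offline with no arguments.
demo() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/theme/lib" "$d/plugin"
    printf "<?php\ndefine ('VERSION', '1.33');\n" > "$d/theme/lib/timthumb.php"
    printf "<?php\ndefine ('VERSION', '2.8.10');\n" > "$d/plugin/timthumb.php"
    audit_timthumb "$d"
    rm -rf "$d"
}

if [ "$#" -gt 0 ]; then audit_timthumb "$1"; else demo; fi
```

Run it with a directory argument such as `~/public_html` to audit a real account; a file reported as `unknown` has no recognizable VERSION line and should be checked by hand.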
I bought: nerdosaur.us
I may be moving this blog over to nerdosaur.us soon. I just discovered (right after I wrote the sentence before this one) that there is another nerdosaurus at nerdosaurus.com. Damn it. Well now I don’t know what to do. I have a ton of domains. Maybe I’ll switch? Maybe not. idk. I’ve been using chomp.us for email for quite a while now, but I haven’t ever put anything up on it as far as web stuff is concerned. Originally it was going to be a gadget review site, but that kind of flopped because I got kind of lazy and started working on other projects. I think the premise kind of sucked too. My niche thing was going to be: reviews 30 days after the product came out. So I would give honest reviews that weren’t biased with new-gadget-euphoria, and I would be able to show at least some facet of durability. But that never happened.
I’ll be doing a new theme soon too. This one is getting boooooring. My blog has looked like this for a long time.