June 2007 - Posts
I'm going for vacations to Germany tomorrow for 9 days, so you'll have a little break from me meanwhile ;)
See ya the 9th of july!
I've added another recently readed book to my Book Reviews section. This one about usability and design... but not with computer examples but real life ones.
I'm finishing another book, this time more focused on development. The review, very soon ;)
Yesterday we came back from ilitia Kickoff 2007, spending all the weekend at Cazorla.
We had great time, did some activities (5 hour travel on 4x4, bushwalking, visiting a Castle) and above all, had a great time talking, telling jokes and having some beers together.
You can see some photos of our weekend at my photo albums (yet incomplete, soon I'll add more photos).
I've merged my previous Spam and Video addons for Community Server, along with a new Task, becoming the first release of my KartonesNet CS2007 Addon Pack.
Currently features:
· KartonesNet.Modules.SpamAddon: This is a new Spam Blocker rule that checks for a minimum post length. If post is smaller than the threshold/length, assigns a base score plus 1 per character missing.
· KartonesNet.Modules.VideosAddon: This is a module to allow embedded videos from Soapbox, Youtube and Googlevideo in blogs, forums and comments.
· KartonesNet.Tasks.ClearLogsJob: This is a Task/Job that will clear all Exceptions if clearExceptions="true" and will delete all EventLog entries older than expirationDays value.
I will add more stuff as soon as I have time.
You can download the pack from the Downloads Section.
Comments and suggestions will be appreciated ;)
Google has recently presented Google Gears, a local DB storage system that currently allows to read feeds offline, and will be used in Google Docs and probably other services in the near future.
I tried it for some days, but I've actually uninstalled it, because it feels a bit unsafe for me.
First, on the online side there are possible XSS flaws that could be exploited. SQL Injection was feared too, but seems that the Gears DB API uses blind parameters inmune to SQLI.
And second, the data is located in a SQLite database, without any authentication. You can open them with SQLite Database Browser for example.
Right now an attacker would just get your feeds data, but what if GMail and Google Docs went offline too? Then it could be able to get more sensitive data... And that's something I don't like to be afraid of.
I hope they add additional security, because the tool itself is useful.
While I wait until I can start the works in my future own house and build the ultimate entertainment center (my future house hall/dining room), more and more stuff keeps coming to improve it (my room is full of PCs, consoles, books and more geek stuff like Lego robots).
I've got a fantastic DDR dance mat, quite good for doing sport while dancing with music (for PC there's even an opensource DDR emulator, Stepmania)
While I'm not good at dancing, having visual guides helps a lot ^^
And now, thanks to my friends Montse, Begoña, Tamara and Azuzena, now there's another new toy:
Yeah! I'm not a Rock music fan, but the game is very very funny! I've spent today more than 2 hours getting used to play a "guitar", and I'm addicted :)
The game basics are similar to DDR ones: Follow the on screen music guides and play the chords at the right time. It has some "specials", long notes, combos, and a "life" system (rock meter, if you play bad it gets red until you loose).
Similar concept, different playstyle, same fun!
With my MP3 mixing table, the dance mat and now the guitar, my neighbors are going to hate me even more xD
Just a quick post of a problem I addressed today while finishing my current assignment.
I used the ExitWindowsEx() API call to logoff the user (with the force close flag). In Vista it worked without any problem, logging out the user whenever he was using the PC or with the computer locked. But... when I went to test it on an XP machine... surprise, the system killed the explorer.exe process but didn't close the session.
After searching for a while and doing some tests, I found it is an actual problem of Windows XP (here's the KB). It is not yet included in any service pack or Windows Update patch (I suppose because it modifies winlogon behavior), so if anyone comes across this same problem, don't go crazy trying things... just install the hotfix and it will behave correctly and logoff the user even with the computer locked.
One thing I like about development, is that sometimes, if something doesn't work as expected, you can create your own solution.
As we're still having spam problems, I've downloaded, installed and looked into the Community Server 2007 SDK, and here's an initial version of "Kartones.NET spam addon". You can download it from the Downloads section.
I've developed an (easy) rule to count post length and score spam points if a minimum length is not achieved.
It is quite easy to develop CS2007 modules, and it integrates perfectly with the default rules.
Note: The rule only applies to unregistered/anonymous users.
We live at a time where spam is becoming more problematic than viruses. And as the spam bots get more sophisticated, becomes easier for them to invade any online site and fill with comments blogs, admin addresses and even forums. Kartones.Net is no exception, and lately we're starting to have an alarming number of spam comments, so I've researched a bit and here is the (multiple) solution I've adopted to prevent further spamming in our community.
A not so known feature you can tweak is Community Server's task in charge of deleting spam comments. By default, it deletes them each 30 days, so I've changed it to 1 day. You can alter it's value by modifying the CommunityServer.config file, under the <Tasks> section, task name DeleteStaleSpamCommentsJob, expirationDays property.
In the community settings, you can enable multiple rules to block it. This are the ones I've activated to prevent it.
My Link Count actual settings are this:
To prevent your mailbox being flooded with spam comments notification, don't forget to check the "Do not send email notifications for comments rated as spam" in your blog settings, as in the following image:
And finally, I installed a CS2007 CAPTCHA module to filter some spam before it even gets to the server. Good news is that with official blog themes it works without adding additional code (cheers for the developers). Bad news is that some advanced spam bots even have OCR technology and bypass it, but it filters part of them so I'll leave it anyway.
Here's how it looks:
So, the final "spam defensive perimeter" goes like this:
- Any comment requires a CAPTCHA validation
- If bot passes it, forbidden words, bad word count and link count will flag the comment as spam
- Bloggers won't even notice the spam comment because it won't be published
- Next day the system will delete the spam comment without user interaction
With all this countermeasures, I hope to catch allmost all the f****ng spam.
We are in june, and as promised I'm proud to announce the Kartones.Net Most Valuable Freak awards.
During this month, anyone can leave a comment in this post giving 3 votes to their selection of the freakest and geekest blogs of this community. At the end of the month I'll count the votes and award with placing the MVF logo in the winners' blogs until december.
Although some blogs are in english and other in spanish, I hope that this won't be an issue.
Anyone reading this post is welcome to give a look at all our blogs and participate ;)
--- Spanish version / Versión en español ---
Estamos en junio, y como prometí me enorgullece presentar las nominaciones de Kartones.Net a los Most Valuable Freak.
Durante este mes, quien quiera puede dejar un comentario en este post dando 3 votos a la selección de los blogs de esta comunidad más frikis y geeks. Al final del mes contaré los votos y premiaré colocando el logo MVF en los blogs de los ganadores hasta diciembre.
Aunque algunos blogs están en inglés y otros en español, espero que no sea un problema.
Cualquiera que lea este post es bienvenido a echar un ojo a todos nuestros blogs y participar ;)
Just a small post. Vicente and I have finished commenting the code of our small XNA Particle Engine we built for the UPSAM speech we gave about XNA and the content pipeline.
The code is not "production quality" and some minor things should be fixed and/or refactored (particle engine drawing inside a game component, alphablending may be broken because of the last-minute changes to pigment/colorize particles...), but it's very easy to understand.
You can find the (updated) zip file containing the slides (spanish & english) and the source code here.