It started with a simple need: keep tabs on SparkFun Electronics’ in-house kegerator so the beer won’t run out at inopportune times. But of course SparkFun and “simple need” make strange bedfellows…throw beer in the mix, and you know this can’t end well. The result, as you might imagine, reads like a who’s-who of electronics hackery buzzwords.
Arduino? Check. Custom PCB? Check. Web interface? Check. Twitter feed? Check.
They’ve assembled a nice build tutorial on how this all went together, including code, example circuits, an explanation of some of the sensors used, and links to other tutorials for such things as Twittering and persistent storage in EEPROM using Arduino. Not to mention the eye candy: a custom Arduino shield (solder mask and all), custom acrylic tap handle, custom SparkFun pint glasses. They never do anything halfway, do they?
[RSnake] has developed a denial of service technique that can take down servers more effectively. Traditionally, performing a denial of service attack entailed sending thousands of requests to a server, these requests needlessly tie up resources until the server fails. This repetitive attack requires the requests to happen in quick succession, and is usually a distributed effort. However, [RSnake]’s new technique has a client open several HTTP sessions and keeps them open for as long as possible. Most servers are configured to handle only a set number of connections; the infinite sessions prevent legitimate requests from being handled, shutting down the site. This vulnerability is present on webservers that use threading, such as Apache.
A positive side effect of the hack is that the server does not crash, only the HTTP server is affected. His example perl implementation, slowloris, is able to take down an average website using only one computer. Once the attack stops, the website will come back online immediately.
Update: Reader [Motoma] sent in a python implementation of slowloris called pyloris
[Cal Henderson] delivered a keynote titled Why I Hate Django at the first annual DjangoCon. Django is an open source BSD licensed web framework written in Python. Google has posted the keynote in its entirety to YouTube, which you can find embedded above. While the talk is humorous (and takes many jabs at Rails developers) it does provide insight into what makes a good web framework. [Cal] is Director of Engineering at Flickr and is an authority on how to make websites scale. He points out that most frameworks are designed to get projects off the ground quickly, but are lacking when it comes to building an even larger service. He talks about several things in Django that need work and improvements that could be made. It’s really an interesting look at what it takes to go big. Continue reading “Why I Hate Django”
[Nick] sent in his quick hack for getting rid of extra menu options in Firefox 3, like the ever useless ‘Work Offline’ option. (OK, maybe modem lovers like it…) If you’re tired of seeing cluttered menu choices that you never use, [Nick]’s simple trick of editing the XML formatted XUL files in Firefox to clean things up. There’s some risk involved, but it’s nothing that a quick re-install can’t repair. The writeup includes a basic introduction to the XML tags, so you can probably do it. You can use a text editor right? (Just don’t forget to have the installer or a backup copy handy before you start playing around.)
Whenever [sprite_tm] sends in his latest project, it’s like getting a Christmas present and a night off. He put together a whiteboard, x/y stepper system, serial interfaced microcontroller and added a webcam with perspective correction for the online view. Me? I’m tempted to build one of these for leaving notes for the wife when I’m out.