See it here

As another annoyance-avoidance tool I revised the access controller for the site to block hotlinking of files (using Tom Sherman's guidance) by other websites. If this means you see a broken image or red x in a box where you expect to see a photo, that's why. I made exceptions for SportsFilter, Bloglines and Google but if you think there should be others please let me know.

Bloggers represent!

If you'd like your own version of the Red Cross Katrina donation graphic like I've got on the top right of my pages, check out Brian Alvey's post Adding the Red Cross for the simple details. I would repeat Brian's request that you take your own copy of the graphic and not hotlink to my site--you may not be happy with the result.

Technorati tags: katrina redcross charity

Weird spam of the month

Though my attempt was probably both too little and too late some time ago I removed any direct email addresses on the website and replaced them with a contact form linked from my name on every page (look in the copyright). The email address the form sends messages to, which was never used anywhere else and not directly exposed, seemed safe.

In the last few days, though, somebody or someone's script has found the form and is filling it out repeatedly. I guess the idea is that a useful percentage of web forms will trigger an automated response that's of interest to the programmer though just what isn't clear to me. The script fills in the form fields with the same data, an email address of a four or five character random group of letters (such as xtpku) at this domain.

What's truly odd is the subject line of the email. First, that it's filled in at all since I generate the subject in my script and, as you can see, don't give it as a field for a writer to enter. Second is the text used:

[the email address used in the form] Content-Type: multipart/mixed; boundary="===============1278934073==" MIME-Version: 1.0 Subject: 7c77fe36 To: [the email address used in the form] bcc: [someone else's email] From: [the email address used in the form] This is a multi-part message in MIME format. --===============1278934073== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit koxsakoifn --===============1278934073==--

Kind of looks like the spammer's script figured out the name of my script, I'm not versed in these matters at all, and tried to force it to send a copy of whatever's generated to a controlled email address (in red above). But of course I don't believe it worked since a bcc in a subject line isn't going to be executed by the PHP engine. Also looks to have been cut off--I bet subject lines can't be more than 255 characters.

Amusing more than annoying and hopefully who/whatever clown's behind it will get off the kick soon. Just enough of a pain to get me to read and try to understand Chris Shifflet's article Foiling Cross-Site Attacks, conveniently sitting in my inbox waiting to be used. The included code was not quite enough to actually implement a solution--I've never needed to deal with PHP sessions before, if I had this would probably've done the trick--so I also got a very basic script from PHPBuilder.

Now we'll see how well it works. If you are the cautious type who has cookies turned off, please do me a favor and try the form so I get a different test example than myself. Thanks.

Why are you a soccer fan?

Soccer Silicon Valley opened a blog and this was the title of their second post. However, I think the blog writers need some poking and so posted the following as my comment, just posting here for my memory and in case it mysteriously disappears:

Been a fan since I worked Cosmos games at Giants Stadium for the food concessionaire. Big Quakes, USA and Liverpool supporter.

Having a blog is a good idea but after two posts and no useful information about what's going on with the team I wonder if it'll be worth your trouble.

I don't like all the secrecy regarding the ownership change and potential sites. Anyone who would want to lead, or be part of, a new investment group should actively be recruiting support from this fan base to show AEG and MLS they understand what is in place and that they can be part of it.

Finally, what makes the SSV leaders qualified to be involved and know what's going on and not the rest of us? Infrequent request for letterwriting and phone campaigns aside, there have not be any opportunities for people like myself to be part of this process and I think that's a mistake.

Bill Gates - Microsoft's Chief Software Architect: My buddy Scoble scores a Channel 9 video session with the Big Cheese himself.

c h r o m a s i a / thumbnails: Pretty awesome photoblog, creative use of all the elements.

Why Disney sucks #3,443

Tonight ESPN2 was scheduled to broadcast the USA-Guatemala Qorld Cup qualifier at 7 p.m. The Braves-Mets game ran into extra innings. So the 'tards in Bristol decided to just skip showing the first 24 minutes of the soccer match. Though why I should expect any better in a country that calls football soccer is beyond me.

Technorati tags: soccer worldcup disneysucks

Apparently teen opera sensation turned pop star Charlotte Church wants us to know she's all grown up now and hot (more).

Last night's movie: Ladder 49

Let me try and make this simple:

• I have not enjoyed any movie directed by Jay Russell
• I have not enjoyed any movie written by Lewis Colick
• Joaquin Phoenix? Okay, Gladiator was cool but that was hardly about him though I have hopes for Walking the Line his upcoming Johnny Cash biopic as long as he doesn't tr and sing.
• Travolta, okay, he's done some good shit going back to the beginning though he's had his share of dogs and recent years have been a bit hit or miss

Ladder 49 is definitely one for Travolta's miss column. The idea is decent, a look at the career of a brave young firefighter as his life hangs in the balance, but the execution is trite. And Phoenix, maybe it's his acting skills or voice and face, but he comes off as playing a girl. I don't mean that in a covert homosexual slap or women belong in the kitchen way but he's supposed to be playing a man's man and doesn't pull it off. Not even close.

I also never felt attached to his character so the life hanging in the balance scenes that were intended to keep me gripped to the seat didn't. The crumbling, flaming huge building interior where they took place--the film's big fire--had all the necessary visual appeal but didn't make sense, I wasn't given enough information to explain why the fire was playing out as it did.

not recommended

Technorati tags: movies travolta actionflicks

Today's movie: Constant Gardener

Fernando Meirelles is clearly a filmmaker to be reckoned with, a man completely interested in using movies as a political vehicle. Constant Gardener is his second major work to come to the US and global markets following the celebrated City of God. Assuming he continues to find financial backing and distribution one can only assume Meirelles will continue to tell stories of power abused and sociopathic violence.

Where the earllier movie was the retelling of a true story, Gardener is labelled fiction and based on John Le Carre's recent novel. Le Carre made his name with Cold War thrillers but with the passing of that age turned his eye to men using similar strategies for personal, rather than political, gain. But with the passing of that age the underlying equivalence of those two pursuits has become quite clear; one has to look no further than the interchangability of employment between the Bush Administration and energy industry corporations. So Meirelles rides this horse to switch from the narrow scale of Rio de Janeiro's favelas to the global marketplace of pharmaceuticals.

Working again with cinematographer César Charlone, we see terrific use of color, lighting, framing and transitions. Whether through the editing of Claire Simpson or simply being able to position his cameras in favorable places, there are many long panning shots that starkly contrast worse than Rio urban African slums against a modern core where foreign executives corrupt politicians and deaths are written of as inevitable (so might as well make use of them). A sea of rusting tin roofs slide by until, in the space of a frame or two, glass and steel buildings replace them, favored by trees and other greenery absent from the overpopulated ghettos.

The plot is simple enough: the title character, a mid-level Foreign Office functionary played well by Ralph Fiennes, marries human rights activist Rachel Weisz and the couple are sent to Kenya. Almost immediately Weisz is murdered, viciously, but Jeffrey Caine's script flashes back and forth in time for the first half of the script so that the truth of Weisz's character and her death is only slowly revealed. From then, once Fiennes returns to London, the story plays out chronologically but secrets are still parceled out parsimoniously. And despite being dead, Weisz is frequently onscreen--Meirelles uses her natural beauty and generous emotions as a means to personalize the film.

Fiennes does a marvelous job, Weisz is terrificly mysterious. Other significant roles are played by Danny Huston, as another British diplomat lost in the levels of machinations which surround him; Pete Postlethwaite (best remembered here as Daniel Day Lewis's father from In the Name of the Father) as a drug developer looking for redemption in the desolation of a Sudanese refugee camp; Hubert Koundé as a Kenyan doctor conspiring with Weisz; Richard McCabe with a key third act cameo; and, a very different Bill Nighy than we saw and loved in Love, Actually, here taking a small role as an officious, self-serving knighted senior diplomat. There are a number of small parts played by what one can only presume are African locals, most well done, but neither the official site nor IMDB name many. An interesting ommision given the political slant.

Having praised Gardener for five paragraphs, let me take some space to point out a few flaws as well. Chief among them are a lack of focus on who Meirelles and Le Carre want to hold up for blame and odd bits of information tossed in uselessly that, if true (for the movie), would have certainly meant different choices would have been made by the characters. Most significantly among the latter is the revelation, perhaps 75% of the way in, that Weisz's character was fabulously wealthy but had never revealed this to her husband nor used this wealth in obvious ways to further her cause or help the people she showed such care about.

The lack of a single, well-fleshed out villain is the worst sin though and almost destroys the film's political value; in reality, no doubt all the types depicted here share responsibility but this is only 120 minutes and also not a documentary. From a plot perspective the fictional pharmaceutical company is the worst offender among the conspirators but is only briefly represented onscreen by a single executive, and Meirelles allows this man to offer contrition after falling from grace (his offering, by the way, is another throwaway bit not used again). The main government connection, Nighy's Sir Bernard, has dialog in only three or four scenes and his local counterpart, the Minister of Health, even fewer.

In a novel this is much less of a problem because of the substantial larger space. The movie, though, is clearly a sales proposition: multinational corporations are using corrupt politicians to achieve profit goals without concern to the human cost because, after all, that's not a debit on the ledger. To make the sale, Meirelles should have collapsed the novel's cast so that viewers would come out of the theater angry at one or two easily identifiable real world correspondents to his villains but instead wastes energy across too many bad people to list here. Hopefully he'll understand this for the next production.

recommended