Finally. The Macromedia Developer Relations podcast is now available in iTunes. Go to Podcasts > Technology > Developers. To learn more about iTunes support for podcasts, see Apple’s podcast homepage.
How many people out there listen to podcasts? Do you iTunes, or something else? (I’m wavering back and forth between iTunes and Shrook right now.) And what podcasts do you listen to regularly? I’m flying to New York tomorrow for Flashforward, so I’d like to stock up on some podcasts for the flight.
I finally got the Macromedia Developer Relations Podcast submitted to iTunes. The documentation Apple provides for the special iTunes meta-data tags has some inconsistencies, and I found at least one major bug in their submission process, so it took several hours for me to finally get it submitted. In case you’re having problems, as well, it seems you can’t add iTunes category tags at the channel level (even though the docs say you can). For some reason, if you use bogus or incorrect categories, the feed is accepted (but the categories ignored), but if you use real and current categories, you get back an error saying that the iTunes Store is experiencing technical difficulties, and to try again later. The work around seems to be to remove the category tags at the channel level altogether (they seem to work at the item level), and just pick a category and sub-category through the feed submission interface.
Anyway, the feed hasn’t shown up yet. After you submit your feed, it tells you that it may not show up right away, and it might need to be reviewed or something, so I’m not sure how long that will take. If anyone notices that it has been added, please drop me a comment. It’s in the category "Technology" under the subcategory "Developers".
In other news, I’m about to move yet again, so I’m going to be offline most likely until next week. This is the third time I’ve blogged about moving in about 2.5 years, which isn’t a good sign. I’m staying in San Francisco, but moving from a rental into a house that I bought, so hopefully I’ll actually plant some roots and stay in one place for a while.
Off to finish packing…
I made a post yesterday about how you can use iCal to subscribe to new movie releases. Sean Corfield mentioned that he is subscribed to US and Indian holiday calendars, which got me wondering what other calendars were available out there. Apparently there are thousands. It looks like the two big repositories are the Apple iCal Library, and iCalShare. Very cool stuff. I’m now subscribed to US holidays (I never know when it’s a holiday, and I sometimes go to work when Macromedia is closed), and a video game related calendar.
Is there something similar out there for Outlook users? Yesterday, Dan mentioned WinDates which looks like a good solution, although personally, I would recommend just switching to a Mac.
Not through RSS, but through Apple iCal. I picked up this tip today when getting caught up on my Jason Kottke reading. Open iCal, go to Calendar > Subscribe, and paste in this URL. You will never miss another movie release again.
Speaking of movie releases, I snuck away last week to see Revenge of the Sith. I am a huge episode IV through VI fan, and a huge critic of episodes I and II, but episode III was actually pretty good. The love scenes are laughable, and there were a couple of other scenes that actually made the audience groan (literally), but for the most part, I really enjoyed it. Have you seen it yet? If so, what did you think? If not, what are you waiting for?
Apple has just made some changes to their growing
family of iPods. You can now
get a 6GB iPod mini for $249, and a 30GB iPod photo for $349. Looks like they have
all their bases covered at this point.
How many people out there don’t have
an iPod. If not, what are you using?
I don’t know what kind of readership overlap there is between my blog and What Do I Know, but yesterday, Todd Dominey blogged a very cool trick he picked up from Ars Technica. Basically, inside of any Cocoa application, you can hit F5 or Option-Esc to get a list of spelling suggestions. How cool is that? Totally undocumented, and totally useful.
Another new generation of iPods with:
- Apple Click Wheel
- Up to 12 hours of battery life
- Slightly Thinner design
20GB for $299, and 40GB for $399. I think I’m two generations behind now. If only the minis had more capacity (or were less expensive), I’d go for one of those. What kind of iPod do you have?
Apple announces the “first seamless integration of iPod and automobile”. If you own a BMW 3 Series, X3, X5, Z4 Roadster or a Mini, for just $149, you can integrate your iPod with your car. Connect your iPod to your car’s sound system via a cable in the glove box, and not only can you control it with the buttons on the steering wheel, but it will also be powered by the car rather than using its own battery.
Why BMW, and not Jeep?!
According to this CNET article, the security patch that Apple released last week to fix what is being called the Safari vulnerability (inappropriately named since every browser I tested is vulnerable) has failed to fully fix the issue. According to the article, “the biggest problem is that there seems to be no easy solution.”
According to an Unsanity spokesperson, “there’s lots of overlap between useful applications of this functionality and malicious ones, meaning that Apple can’t easily fix this without removing useful features from its operating system and from existing apps.”
While it’s true that it may be tricky to address the issue the OS level, patching the browser is pretty straightforward. I guess the problem is that Apple can’t patch all the browsers you have installed on your machine, so they feel they need to fix it at a lower level, which is fair enough. In the meantime, don’t wait around. There are several fixes out there, the easiest of which is posted right here on this weblog (as long as you are using Firefox, or don’t mind switching to it).
By now, I’m sure most Mac users are aware of the significant Safari security vulnerability which allows the “disk” and “help” protocols to be used in concert to execute arbitrary code on your machine after being automatically downloaded from any arbitrary website. In fact, the “disk” protocol is not even necessary; you can simply use the “help” protocol to execute commands which clicking on this link demonstrates (don’t worry — it will just run the uptime command, but I think it makes a pretty potent point).
So far, Safari has been taking all the heat, but this morning, I discovered that Firefox is vulnerable, as well. Since I use Firefox rather than Safari, I thought I could click on an example of the exploit, and simply download the code for inspection, however imagine my surprise when the code actually executed! (Firefox users, click on the link above to verify.) I immediately set out to find a way to protect Firefox from such attacks.
The solution I came up with seems to work perfectly so far, only takes a few seconds to implement, and doesn’t require installing any third-party software as other solutions I’ve seen do:
- Go to /Applications/Firefox.app/Contents/MacOS/chrome
- Open all.js in any text editor, though preferably vim.
- Search for the term “protocol-handler”.
Under the two lines addressing “mailto” and “news”, add the following lines of code:
pref(“network.protocol-handler.external.help” , false); // disable help protocol
pref(“network.protocol-handler.external.disk” , false); // disable disk protocol
- Restart Firefox.
- Open up this blog entry again and notice that the link to the example exploit no longer works. I have checked three different example exploits (two of which use meta refresh tags rather than direct links), and none of them worked once the code above had been inserted.
Please pass this information along to other Mac/Firefox users. If you’re a Safari user, now is a good time to switch to a secure version of Firefox. If you find any issues with this change, simply back it out and let me know, though so far, it seems to work perfectly.
Note that this fix has only been tested with version .8 of Firefox.