Blog

  • It’s Crazy Week!

    September 6, 2005

    Dad safely arrived this Saturday, after being delayed by Typhoon Talim in the Pacific…he’s here for two months! I’m planning on getting some video on him telling stories about his past (and it’s a nice excuse to get that DV camcorder I’ve wanted, though I have a perfectly good High-8 camera…I should sell it). He’s already told us some interesting stories about growing up in pre World War II Taiwan, so I can’t wait to get some of this logged. It’s Personal History Month here at Casa Seah!

    I’m going to again be rather sporadic on website updates this week, but there are some bright spots over the horizon:

    • I have, for the first time, a vision for the kind of company I want to build! I will be realigning my practice toward this.

    • The anniversary for the creation of this blog is officially September 12th, and it feels like it’s time to change it up a bit. With the new thoughts on what my practice will be, this comes at an opportune moment. The new blog will be more clearly segmented between business and personal interests, though I plan on keeping it highly personable in tone. With the new vision, the business side will be focused on the journey of making it happen.

    • With a new blog comes redesign. I am not using any WordPress 1.5 features in the current blog templates, having just ported it quickly from 1.2. I’m planning on putting some hours into exploring WordPress 1.5 template features to make something cool. It’ll be a good refresher for my CSS / HTML too, which is feeling a little rusty.

    <

    p>On top of these things, there’s also a bunch of work-related things to get through:

    • Delivering the next release candidate for Showing Evidence next week
    • Writing up some documentation
    • Prepping new resume / portfolio collateral
    • Meeting with potential clients

    It’s interesting to note that last week’s hits dropped to about half their usual level. The cause could be anything: Hurricane Katrina, vacation times, who knows.

    Read more
    DSri Seah

  • A Flash MMORPG

    September 2, 2005

    Visit Dofus

    Whoa, this looks very cool: a Massively Multiplayer Online Role Playing Game (MMORPG) with a Flash front-end client! Not only does it look great, but the underlying system for managing hundreds of world assets must be really nifty. My palms sweat with excitement just thinking about how this thing must be engineered.

    And who put together this latest player in the MMORPG market? From what I can tell, Ankama Studio is the game development wing of Ankama Web Agency, a French company near the Belgian border specializing in e-commerce and web marketing. According to this interview, the three founders use their web agency profits to fund development of (I assume) something they’ve always wanted to do. Very very cool.

    I haven’t played the game, but the business model behind this is very interesting, as is the reason to use Flash in the first place. The reasons should sound familiar; from the raw babelfish translation:

    1. development costs, much more reduced than with hard development out of C.
    2. costs of distribution. Here, not need for editor, all is done by the Net.
    3. portability: with only one development, one touches Windows, Mac and Linux. It is not beautiful, that!
    4. One knew flash well.

    Uh, yep! Cheaper development, cheaper distribution, cross-platform deployment for free, and heck, if you know Flash well, use it!

    Via XD.

    Read more
    DSri Seah

  • Creative Jamin’

    September 2, 2005

    Scanning Creating Passionate Users, I came across this post on recent 24-hour video game creation efforts. In the late 80s and early 90s, Pangea Software–then developing on the Apple IIGS–made a series of 24 hours games for that system. It’s cool to see that The Ad-Lib Game Society is continuing the tradition! It’s hard to make a fully-functioning video game from scratch, but the self-imposed time limit ensure that you spend your time making and less time hemming and hawing about “design decisions”. Just do it! Even if the first few games kind of suck, the process is hugely educational. That is, if you’re really committed to making something happen, and not just stuffing your face with pizza. :-)

    Read more
    DSri Seah

  • A Typical Writing Day

    September 2, 2005

    Yesterday felt pretty productive in terms of regular everyday writing, just the right amount to be meaty, but not too excessive. On the other hand, I know I tend to run long when it comes to communicating, so I asked myself, how much verbiage do I generate on an average day?

    (more…)

    Read more
    DSri Seah

  • WP Contact Form Spam Attack!

    September 1, 2005

    I’ve gotten some unusual emails through the contact form lately, so I’ve disabled it until I can determine whether it’s truly spammer-proof.

    There are two things I’m concerned about:

    • Worry # 1: My true contact email gets “harvested” by a web-crawling robot, and is added to a spam list. This is why I’m using WP-ContactForm, which theoretically hides the email address by using PHP to send email on my behalf. However, this leads to…

    • Worry # 2: My contact form being used by spammers to send other people SPAM. This is known as having an “open relay”, which means anyone can send email to anyone through it. That would be very bad.

    <

    p>The kind of funny email I’ve been getting looks like an automated probe to see if WP Contact Form can be used as an open relay. Since I haven’t looked closely at the WPCF source code, nor do I really know a lot about the low-level email protocol, I’m not sure. So I’ve submitted a ticket to the confusing WordPress Plugin Repository System (or at least, I think I have, though it doesn’t show up). And I’ve taken down the contact form. Sorry for the inconvenience.

    UPDATE:

    Looks like I’m not alone in this email contact form attack! Based on that discussion, I added the following lines to my version of WP Contact Form, in function wpcf_callback(), just before the $headers = ... assignments:

    // Strip r and n from the email address $email = stripslashes($email); $email = preg_replace(“/r/”, “”, $email); $email = preg_replace(“/n/”, “”, $email);

    // Remove injected headers $find = array(“/bcc:/i”,”/Content-Type:/i”,”/cc:/i”,”/to:/i”); $email = preg_replace($find, “bogus header removed“, $email); $msg = preg_replace($find, “bogus header removed“, $msg);

    The version of WP-Contact I’m using (1.1) appears to use the form input as-is. The code above should fix that. I am not sure that it actually is even necessary, but I feel a bit better about it. I would have to write my own exploit bot to test it.

    Read more
    DSri Seah