how to make perfect boiled rice
How can something that appears so simple be so hard!
I don't know about you, but I've always had problems boiling rice. I've tried a couple of steamers, adding oil, frying the rice in butter first.... but results seemed to range. I've just come across an article that covers how to boil rice - http://shiokfood.com/notes/archives/000018.html
Basically, it seems you rinse it lots, soak it for 30 minutes, drain, put in pan with 1.5x the amount of water there is rice, boil it for 15-20 minutes (although.. my rice packet said 10, i did 15 and it came out perfect) with a tight fitting lid, DO NOT LIFT THE LID. once cooked, remove from heat and DO NOT LIFT THE LID for another 10 minutes.
Myspace Exploit!
I wrote the below about 3 months ago (mid july) and published it, but a day later decided to remove the post from my blog - one such exploit like this that was found before took myspace offline for a few hours. It appears myspace have now fixed (well, partly..) the issue I've documented here, so I now consider it safe to publish.
Seems I've foudn a way of exploiting a hole in myspace's XSS filters!
Myspace block all kinds of common XSS exploits from your profile, however, I've found a way around it! I did email them explaining that I took 2 hours trying to find it, and asking if they offered any incentive to report it to them - but I didn't hear back. I guess I might as well publish it then...
<div <img />
href="#" onmouseover="alert('moo')">w00t</div>
Using that foothold, I'm sure there's many things you could do....
Odd XSS quirk in google videos
I don't think this is exploitable, but here's the details that I reported to google...
Bug with your XSS filters.
when viewing a view, you have a bar down the right hand side of the screen.
There is a bug in what I presume is your cross site scripting filter.When it encouters a ' (single quote) within a string, it generates undesired results.
For example:
<a href="/videoplay?docid=2421984664875201064" onclick='setSessionCookie(VP_playlistCookieName, "...,", VP_cookieDomain); setSessionCookie(VP_playlistIndexCookieName, -1, VP_cookieDomain);' title="Steve Irwin How I" d="" like="" to="" be="" remembered="">Steve Irwin How I'd Like to...</a>Notice how the 'title' attribute of the <a> tag has been formatted, causing the title string to be formatted as additional attributes to the <a> tag
Last time a friend found a bug and reported it, it took a shockingly long time for google to fix it ...
AoE and LVM issue
i was playing with AoE (ATA-over-Ethernet) and I was having issues with one of the network clients showing 'down,closewait'. I had been using the AoE device with LVM, and the vblade server had rebooted and had various kernel upgrades to fix something else - and it broke the AoE on the client! aoe-stat showed this:
e0.0 0.000GB eth1 down,closewait
To fix, vgremove wasn't working, however using 'dmsetup remove aoe-X' where 'X' was each device in the 'aoe' LVM volume group.
This made 'aoe-stat' show the device as 'down':
e0.0 0.000GB eth1 down
As to how to get it back up again, I'm still playing 