That’s where my new Jetpack (a cool new, lightweight (and secure!) way to write Add-ons) comes in.

Go install Unread Gmail Favicon from AMO and the favicon for that tab will indicate the number of unread messages when you have them like so:

They published the source code for the badges on the CD they gave out at registration (so perhaps I’m stupid for loading the CD on my laptop rather than smart for reverse engineering the badge). I opened up DC18_Badge.c and, searching for “Ninja” (the code was commented nicely), quickly found the following two C functions:

/**************************************************************/
/* NINJA ROUTINES
/**************************************************************/

int dc18_ninja_validate(uint32_t val)
{
    uint16_t a, b;

    a = (uint16_t)(val & 0xfff);
    b = (uint16_t)(val >> 12);

    if((a ^ b) == 0x916)
    {
        return 1;
    }
    return 0;
}

// encode tumbler states into 24-bit value
uint32_t dc18_encode_tumblers(tumbler_state_type *tumblers)
{
    uint32_t x = 0, j = 1;
    uint16_t i;

    for(i = 0; i < TUMBLERS_PER_IMAGE; i++)
    {
        x += tumblers[i] * j;
        j *= 3;
    }

    return x;
}

So the trick was to find the number that made (a ^ b) == 0x916 and then figure out the tumbler positions to represent that number. I wrote two small Python functions to automate those tasks. To find the number that would unlock Ninja Mode, I wrote this loop. I added a print statement to show how far into the search we were, thinking it might take some time to find it, but it popped out 6423 in no time at all:

while 1:
	a = i & 0xfff
	b = i >> 12
	if i % 10000 == 0:
		print "# a: %d, b: %d, i: %d" % (a, b, i)
	if a ^ b == 0x916:
		print "DONE: %d" % (i)
		break
	i += 1

DONE: 6423

Now all that was left was to figure out the tumbler positions to represent 6423. Clearly, dc18_encode_tumblers tells us how to do that. I whipped up this little function to convert the tumbler positions to a decimal number:

def enc_tumblers(tum):
	x = 0; j = 1;
	for i in range(15):
		x += tum[i] * j
		j *= 3
	return x

>>> enc_tumblers([1,1,1,1,1,2,2,2,0,0,0,0,0,0,0])
6439

I was going to write another loop to increment the tumbler array I was passing to enc_tumblers, but my first guess was so close that I just manually entered the settings until I found the winning configuration:

>>> enc_tumblers([0,2,2,0,1,2,2,2,0,0,0,0,0,0,0])
6423

Once I had the configuration, I put the tumblers in the appropriate positions: 0 - up, 1 - middle, 2 - down. After that, well, I guess I'm a ninja now:

Fig.1 – CSP configuration page making a policy recommendation.

Fig. 2 – New panel in media uploader allows direct creation of script files in the uploads directory.

Sometimes I make a tool that I use for a while and then wonder if it’s something others will find useful too. Here’s one of them…

For a while I was sharing links on my home page by linking to the feed of stories I’ve upvoted on Reddit, but that has become less satisfying as Reddit dumbs itself down each day (the same thing that happened to Digg a few years earlier). I decided to make my own link-sharing program that I could use by just clicking a bookmarklet whenever I was on a page I wanted to share.

It is a very simple program that stores the links in a flat text file and uses CORS to allow the bookmarklet to POST data to it from across domains. You can put the files in a directory on your server and use this simple bookmarklet to share links:

Drag this to your bookmarks toolbar: Share This

When you fetch the server script with GET you get back a JSON or RSS feed depending on the format parameter you pass.

Make sure the password in the bookmarklet stays synced with the password in the server file and change them to something secure.

I will say, though, that if you are still informing yourself on the state of affairs, please take a moment to read:

• The NY Times on the (IMO, deliberately) overly complex privacy controls provided by Facebook.
• The EFF on the gradual erosion of Facebook’s privacy policy.

What is clearly needed is an open, distributed platform on which to share and connect with friends in a way that is congruent with each individual’s personal need for privacy and security. I think the Web itself, with the help of existing and emerging technologies, and the agreement on some basic protocols, can be that platform.

I am not sure yet how I can best contribute to this movement, but I am passionate about it and will look to help out in whatever way I can. I have started to consider properties of the new system that will be necessary for its success. So far those include:

1. Simplicity – Facebook is popular for a reason: it provides a simple interface and a centralized place to connect with your friends and to have rich experiences. Any potential replacement needs to be equally simple to use. The need for server or software configuration of any kind is a non-starter.
2. Portability – Your data is yours. It should go with you wherever you decide your profile should live, whether it’s on your own server or on a hosted solution. I’m a pretty big fan of WordPress. A decent analogy is that your profile (blog, in this context) belongs to you whether you host it in your own domain or on wordpress.com. Should you decide to move that profile, the host should have no claims on your profile or any data contained therein.
3. Discoverability – Once we’re all hosting our profiles (effectively our online identity) across autonomous networks, it is important that we be able to find and connect with our friends. This will require a directory system not unlike the web of trust first proposed by Zimmermann with the introduction of PGP. Users should be easily able to connect with their friends based on names or other identifiers without manually searching across disparate networks.
4. Confidentiality – What right does the host of your profile have to view the communications between you and your friends? Users should easily be able to hide their messages for retrieval only by specific friends or groups. Strong crypto should be neatly enabled while individual users should require no knowledge of cryptography whatsoever.

There may be many more desirable properties for this new system. I can’t wait to hear what you all have to say.

sed s/\.[^\.]*$//

Sample Usage:

bsterne@zodiac:~$ ls /video | sed s/\.[^\.]*$// | head -n5
2001: A Space Odyssey
40 Year Old Virgin, The
9
A Bronx Tale
A Clockwork Orange

It was an awesome experience all the way around. The environment is fun and festive with live music and food and race equipment vendors, all the athletes and volunteers are super supportive of each other, and the rush of finally getting to the finish line was indescribable. I’m hooked, for sure.

Today, I posted my first patch to WordPress, still a work in progress, which adds an administration panel (see below) for configuring CSP. One of the features I’m rather happy with is “Suggest Policy”, which analyzes the content in the user’s blog and recommends a policy based on the content types and sources it finds.

Next I’ll be working on moving the remaining inline script into external script files. Stay tuned for further updates!

Update: 2010-06-20

The planters are doing great so far. I love how the squash and zucchini put up the giant sun catching leaves and send the vines bubbling over and onto the ground.

Last year, I built some sub-irrigated planters (SIP) using the excellent 2-bucket design from Green Roof Growers. The concept is based on the commercial product, Earthbox, but costs far less to build at home. The basic idea is that the plants wick up just the right amount of water from the reservoir underneath. The design includes drainage holes at the top of the reservoir that prevent over watering, so it’s really easy to keep keep plants happy using this system. They really seem to thrive when they can drop their roots down through the screen and into the water below.

Last year we had cherry tomatoes and some mixed greens, which were delicious but seemed to really attract a lot of aphids. This year I added a third SIP and we’ve planted heirloom tomatoes and cucumbers:

…as well as some snap peas that are doing really well so far:

I also built the wooden boxes the planters are sitting in to give them a nicer aesthetic and to protect them from the sun. This project has been really fun and is part of a larger effort on my part to make things myself.

A cautionary note to undergrad CS students (who I can only assume are the requestors): CS professors are pretty good at catching cheaters, so learn from others’ code, but write your own.