All versions of Java blocked by default in Firefox

UPDATE: This change has been reverted for now. It will take a couple days for the blocklist to be updated on everyone's machine.

A while back, Mozilla had announced a plan to block all versions of Java by default. While that didn't happen when Firefox 24 shipped, it has been done via an update to the blocklist. See bug 914690.

It's unfortunate that this happened on the ESR, since Java is still essential for some enterprise applications (and apparently the entire country of Denmark).

I don't have any information yet if you can use the permissions API to enable Java for necessary sites. For now, you might just have to turn off the blocklist by setting extensions.blocklist.enabled to false.

UPDATE: You can also use the Click-To-Play Manager add-on to update the domain whitelist. I'll be adding support for this into CCK2.

The Blue Like Jazz Box

A few months ago, you might have seen me on Twitter or Facebook promoting a movie called Blue Like Jazz. If you don't know the story, you should read it. The movie wasn't going to be made, but through an incredible Kickstarter campaign, they raised almost $350,000 and were able to complete and release the movie.

As part of the promotion for the movie, they hid 28 boxes in 28 cities where the movie was opening. I haven't seen many people talk about the box, so I thought I would do a quick post about the box I found.

How My Site Was Hacked

So in case anybody cares, what happened was that I apparently have a theme that got hacked. It appears to be a theme called super blogger had a helper.php file in it's images directory which allowed files to be posted into that directory.

Using that uploaded file, extra code was added to my functions.php file in my standard theme which opened a backdoor and gave free reign.

Many thanks to Alex McKee who helped me track things down.

I recommend reading this post from Dave Meehan for more detail.

FYI, a couple things that should have clued me in (which I'll look for in the future). First, I started getting an error on my admin console about extra data sent before the headers. I stupidly went into functions.php and fixed it (even working with 8Bit support) without noticing the added code. Second, in the source to my pages, there was a misspelled "Wordpres Counter." That should have clued me in as well.

My Site Was Hacked

My WordPress site was hacked and apparently over the past couple days there was an embedded iframe that was causing a virus to be sent down. I did not totally determine what happened, but I'm continuing to investigate. I removed some bad code I saw.

Please make sure you use antivirus and your definition are current. If you do get a warning on any page, please let me know so I can investigate.

Thanks.

Adding a Pinterest Image Without Impacting Your Page Design

Recently I had to modify a page to work with Pinterest. The problem was that all the images on the page were either CSS background images or had a height or width of less than 80 pixels. In those cases, the Pin It bookmarklet simply ignores the images. So the question I had was how to make a page Pinterest friendly without impacting the design.

Happy Belated New Year!

One of things that has kind of become a tradition for me is the New Year's message at my church.

The message this year was focused was on creating new habits. I called it "Helpful Habits for a Happy New Year."

The five areas I picked were:

  • Physical Habits
  • Intellectual Habits
  • Financial Habits
  • Emotional Habits
  • Spiritual Habits

I would encourage you in this New Year, pick a couple of those areas and come up with new habits that you are going to start. And habits you are going to stop.Then write it down! Keep yourself accountable. And make this a great new year.

If you'd like to give it a listen, it's here.

Great American Garage Sale

Recently I was reading an article about how the US government was suing an Apollo 14 astronaut to recover a camera that he was trying to auction. Apparently they want it back. I'm guessing what they're going to do with it is simply put it in some warehouse like they do with everything else.

It occurred to me that the government has TONS of stuff that they could probably sell to get us out of debt. Why is the government holding on to tons of crap when they could just sell it?

When families need to get out of debt. They sell stuff. They have garage sales or sell stuff on craigslist and eBay. So why can't the government?

So here are some ideas:

  • The Smithsonian has millions of artifacts that aren't even on display. Sell them!
  • Instead of putting all the Space Shuttles in museums, take one apart. Sell the tiles. People would pay thousands of dollars for Space Shuttle souvenirs.
  • Clean out all the old junk at NASA and sell it.
  • Does the Library of Congress really need all those books? Sell some.

Wouldn't it be great on the next Independence Day for the government to be financially independent?

Can you think of any other junk the government has that it could sell?

Don't Second Guess Your Life Redux

It's been exactly one month since I shut down my blog and dropped Twitter and Facebook. While it has been kind of peaceful in that month, I realized that I was effectively punishing myself for something that I didn't do. So I'm bringing everything back as it was before, although some posts will remain removed.

The impetus of this decision was my preparation for the message I delivered at church today, Don't Second Guess Your Life. Feel free to give it a listen. Here's the summary:

  • Don’t spend too much time looking back
  • Don’t worry about what other people will think
  • Don’t be afraid to make a mid-course correction
  • Don’t underestimate the impact of one person
  • Don’t overestimate the effect of one decision
  • Don’t keep making the same mistakes
  • Don’t just make good decisions, make wise decisions

Also, in case it hasn't been clear, we moved the family back to Texas. There's more information about that in the message.

We're glad to be home.

Social Media Shutdown

Immediacy and reach.

When it comes to things like unrest in Egypt or tsunamis in Japan immediacy is incredibly important. We want to know what's happening and we want to know it now. And reach means that everyone in the world gets to hear and see what's going on.

But when it comes to our personal lives, maybe immediacy and reach isn't all it's cracked up to be.

All of us have moments where we have the impulse to say something that probably isn't the wisest decision. With the advent of the internet, blogging and social media, we are all given a platform from which to say these things. Immediacy means that we can say things quickly (usually without much thinking) and reach means that everyone can see it (whether we want them to or not). People have created entire sites based on this concept like Failbook. When you combine the immediacy and reach with the permanence of the internet, you have a recipe for failure. For that you have to look no further than FAILBlog.

My personality is such that when I have an opinion, I want to tell everyone. That's not necessarily a good thing. Besides my post this week, I've posted some pretty inflammatory things that I've regretted later. One of my goals this year was to be more less negative, and having a platform where I can easily post my negative opinions simply doesn't work for me. It's too easy. I know you're thinking I should just have some self-control, but it's not just about that.

I don't want the platform. And I want back the time that I waste interacting with platform.

So I'm swearing off social media for a while.

Not only am I stopping this blog, but I'm going to stop subscribing to blogs. The only blog I'll continue reading is planet Mozilla because it's job related.

I've unfollowed everyone on Twitter. I'll no longer be posting to Twitter. I tried to remove all my tweets, but Twitter doesn't make that easy.

I've removed all of my content from Facebook. I haven't unfriended everyone because I wasn't sure if I wanted to go that far. I'll probably just use the option that turns off all comments.

I'm leaving LinkedIn alone primarily because I don't interact with it and it has potential employment implications.

Note I'm not going to actually remove these accounts because I want to keep the names just in case I use them in the future, and also they are used for authentication.

So basically I'm going off the social media grid for a while. If you need to get a hold of me just send me an email. Anything at kaply.com will get to me.

This post will self destruct on midnight on April 15.