Recently, I noticed someone using one of the QuickSearch toolbars included in Firefox as a place to temporarily paste something while working on their desktop.
It makes sense, you need to place to hold something for a moment – it’s right there and readily available. And since you’re not pressing the Enter key, it’s not going to be sent anywhere right?
Well, actually it is. After you stop typing, it immediately sends an HTTP POST request to it’s target (Google in this case). And while the search does takes place, it doesn’t update your browser (so you might not realize it even happens). Here’s a copy of the content in the packet:
GET /complete/search?output=firefox&client=firefox&hl=en-US&q=mysuperleetpassword HTTP/1.1
Does this matter? That depends on what you put there. You probably wouldn’t pick up the phone and call Google (or Yahoo!, or BING, etc) and tell the receptionist “Hey, my Facebook username is … and my password is …”, but you can very easily do this by simply pasting ANYTHING in that handy little search bar.
Here’s a quick video of me running a packet capture and typing something into the search area. Again, I only moved my cursor – never did I press Enter (View it fullscreen for better detail).
I wonder how much garbage accidentally falls into search engine pits like this. I’m also curious as to how many sites log mistyped passwords (think of it this way – you accidentally type your webmail password into Facebook or vice versa).
Not much has happened project-wise in the last few weeks. Any free time I’ve had has gone to updating the wireless firmware to capture MAC addresses and pass them off to an Elgg plugin I’ve written. I’m still waiting on a box of 10 Servo’s from China to continue my RC Car modification project.
I’ve also got plenty of work to do around the house until May.
But now, after almost 4 years, I’ve decided it’s time to spruce up BrainDeadProjects.com. I’m retiring the glowing brains that have been the personification of BrainDeadProjects for these past few years. Sure, remnants will probably remain (the favicon for instance)… but now let me introduce you to “Tin Can Head“:
Tin Can Head is the work of LogoDesignCreation.com. Give them your idea, and for a modest amount (under $60), they’ll propose a few design ideas for you. Turnaround is fast, Wired.com gave them a good grade, and overall I have to say that I’m pretty satisfied.
More project updates soon, in the meantime stare at the glowing brains of Tin Can Head.
Recently I was intrigued by a Hack A Day post regarding a low-cost development platform for their MSP430 line of microcontrollers. I’ve long wanted to toy with an Arduino, but with many other projects currently under my belt, I’ve jut not had the time. When I heard the Launchpad was only $4.30, I figured I might as well pick some up for future use.
To make the shipping worthwhile, I ordered 3 of the boards from DigiKey. Unfortunately they were on back-order, but less than a month later – I got my purchase in the mail:
Each box contains the Launchpad Development board, USB cable, pin headers, a crystal, and two MSP430 chips. The online wiki contains links to a couple IDEs for use in the Windows world – and Hack A Day has a good writeup on using the msp430-gcc compiler in the Linux world.
Acting like an impatient kid, I put schoolwork and other projects on hold for a couple days to dig into the Launchpad. First mission – the basic “RC Car modification”.
This is something I should have had by the time I was in high-school – if not by 5th grade. The Electronics Learning lab contains 2 lab manuals (one covering Basic Electronics, the other Digital Logic), about 20 ICs, a handful of transistors, numerous resistors and capacitors, and jumper wires (among a few other things). The console itself has numerous built in potentiometers, LEDs, a relay, a transformer, a buzzer, speaker, DPDT switch, and many other components ready to use. Each of the built-in components uses springs to make contact. There’s also a built in breadboard.
Each lab manual contains background information on each of the various components, as well as example circuits that you can build. Each circuit contains a standard schematic, step-by-step instructions, as well as a checklist to help the user build an error-free circuit. The explanations on how many of the circuits work are lacking – requiring the user to do additional searching and reading to get a full understanding of what’s going on. (But seriously, that’s how it should be: You buy the lab to learn, doing additional reading should be encouraged)
Which circuits you build and in what order you build them is entirely up to the user. Each manual is structured so that learning is incremental: You learn how resistors work, you learn how capacitors work, you learn many different ways in which resistors and capacitors can work together.
My goal is to work through each book page by page (I’m only just over halfway through manual 1). Each manual is about 96 pages long so this can easily be done in a long weekend (or a few in my case).
I really wish my high-school had offered an electronics class. My limited knowledge had been enough to get me by for basic projects, but the labs I’ve done so far have really bolstered what I know. And at $70, this is a real deal.
Next up: After completing all the labs, go back to the RC Car modifications and explore the possibilities of a TI Launchpad.
I get a lot of hotlink spam to this site, and normally I don’t particularly care. But when Mercado Libre (an online sales forum similar to E-bay) started using the pictures of one of the switches from my CCNA lab for a posting – I decided I’d try my hand as a sales person.
They could have at least resized the image – but here’s a snippet of what the posting looked like (note: since modern browsers cache imagery, you’ll likely have to hold down the shift button and hit refresh when looking at that post):
A few quick rewrite rules to tamper with that HTTP Referrer: