Wahoo!

A spiral-bound book atop a brown hat, which have two chocolate colored bunny ears extending from it. The cover of the book displays Critter Costuming: Making Mascots and Fabricating Fursuits.

Things sure are not as going smoothly as I hope. The school year is started again, and I came back with three failed courses. As usual I still couldn’t fit courses I want to my schedule. Or, for that matter figure out what courses I want. I’m now worried that with a screwed schedule like this I might not even be able to finish my four year program in five years.  I also need to get high grades to offset effects of the last two years on my GPA. Sigh.
诸事进展并不像我希望的那么顺利。我带着三门砸了的科目回到新学期,像往常一样在课程表上找不到安放我想要的科目的地方。当然,前提是我知道我想要上什么课。我现在担心以这样乱七八糟的课程安排我大概五年都完不成我该四年完成的专业。而且我还要用高等第来拉平以前砸了的科目对我的GPA的影响。哎。

From the (three) Saturday garage sale I bought a grill and an microwave oven. … oh curses. Already run out of shelf space. Where should I put my new textbooks and fursuit now? This room needs a redesign badly! Adding insult to injury is the grill setting off the smoke alarm on the first use. And I didn’t realize I bought a book on Amazon for $50 (oh my wallet)…
从上周六旧货抛售中买到了微波炉和电烤盘。……可恶。已经没有地方放东西了。接下来新书和兽装放那里呢?房间急切需要重新设计!更讨厌的是烤盘第一次使用的时候就触发了烟雾探测器。

Which, on a happier note, is the only book on fursuits – Critter Costuming. It proves to be interesting, although not enlightening like A Theory of Fun. It was written five years ago, so things like head construction is somewhat out of date, and there’s a lot of stuff in it that is available in online fursuiting communities, but it has a nice overview of materials and also contains useful tips on performance. (Unfortunately, it doesn’t mention obscure-in-US stuff like the popular 502 resin glue.)

I also got this bunny hat in a furmeet. Cuuute ~

好消息是我在网上买的书送到了。这是目前唯一的一本兽装制作指南。它确实很有趣,虽然不像《快乐之道》那样醍醐灌顶。这本书是五年前写的,所以例如头部制作等方面的内容有些过时了,并且许多东西都可以在网上的兽装社区中找到,不过它关于材料的综述是我所很少见到的,并且也包括了一些关于表演方面的建议。(可惜的是没有提到像是502胶水这样的美国罕见的材料。)

并且我在周六的兽聚中买到了这个兔子帽子。可爱吧~


附注。是的,我回到渥太华了。八月份。
PS. Yes, I came back to Ottawa. August.

まもるくん

因为Second Life 上有人做了条まもるくん的裤子,却把原角色标成了Waffle Ryebread, 我发现自己正在Google上查找这两个角色的相关图片。Waffle 是 CyberConnect2 制作的 RPG Tail Concerto 的主角,而まもるくん则是 CC2 为福冈县制作的自我保护·防灾减灾吉祥物。很奇妙的是两者是共享世界设定的。所以会搞混吧。……不过这完全不重要。
Because someone on Second Life made a pair of pants of Mamoru-kun, but marked them as belonging to Waffle Ryebread, I found myself searching for pictures relating to these characters. Waffle is the protagonist of Tail Concerto, an RPG made by CyberConnect2, and Mamoru-kun is a mascot for self protection and disaster protection and prevention made by CC2 for the Fukuoka prefecture. Interestingly, they share the same canon. So it’s easy to mess up. …but that’s not important at all.

前几天,“谷歌中国”被中央电视台“新闻联播”以及“焦点访谈”等数个节目“曝光”存在传播淫秽色情内容的现象。这不是普通的新闻节目——说它是全中国被看最多的节目也不为过。所以当 Google 这一以“不要做恶”为座右铭的跨国公司被中视和政府点名以“邪恶地毒害祖国的青少年” (设计台词) 批评,着实让卡库尔很惊讶。
A few days earlier, Guge Zhongguo was “exposed” by several programs of China Central Television, like Xinwen Lianbo and Focus. These are not your average news programs — it’s not an understatement that they are the most watched programs in all of China. So when Google, a international company with a motto of “don’t be evil” was criticized by CCTV and the government as “evilly poisoning the juveniles and youths of the motherland” by name, I was very surprised.

当然,并不是所有人对邪恶的定义都是一样的。例如,自由软件基金会的创始人理查德·斯托曼就认为因为对淫秽内容的网络审查是“纯粹,无杂质的邪恶,没有什么比它更淫秽了”。我不想对此发表意见;除了说互联网上内容众多,无论什么样的过滤,不可能完美地只过滤想过滤的内容,总是会有假阳性和假阴性的。例子:卡库尔在 SafeSearch 强制开启 (是不是点名的结果呢?) 情况下搜索关于まもるくん的图片,竟然找到了很黄很暴力的上车
Of course, not everyone has the same definition for evil. For example, the founder of Free Software Foundation, Richard Stallman, considers censorship of obscene materials to be “pure, unadulterated evil, and there is nothing more obscene.” I do not want to express any opinion on this; except that there are so many contents on the Internet, no matter what kind of censorship, it’s impossible to perfectly filter only (un)desireable contents, there will always be false positives and false negatives. Example: I was trying to search pictures on Mamoru-kun with SafeSearch forced on (was it because of the criticism by name?) and found well… underage porn.

啊……不用试着去搜索了。可能就在你阅读本文的那一刻,那张图片已经被神隐了。再说,你能够通过百万守君的大布镇吗?
Ahh… there’s no use trying to search for that. Maybe as you read this, the picture has been spirited away. Besides, can you make across the giant maze of a million Mamoru-kun?

まもるくん (守君) 似乎是还算普通的名字。特别是在防护吉祥物之中 (这些吉祥物中包括,有没有搞错,一只橘子)……但是也有人名为まもるくん的。还有监测有没有东西掉在地上的机器人。还有防止香蕉腐烂的容器。还有一只猫。
Mamoru-kun (guardian) seems to be a rather generic name. Especially in disaster prevention mascots (including, I’m not making this up, an orange)… but there are also people named Mamoru-kun. And robots that monitor whether there are anything falling on the ground. And a container to prevent bananas from rotting. And a cat.

在英文 WikiFur 的 Tail Concerto 页面上也有人提到了 まもるくん,不过写得让人以为他是某个游戏的角色。如果是就好了。如果 Tail Concerto 能出续集的话,卡库尔会很向往吧。不过教育类游戏高达八成都很无聊,还没有单纯的说教来的要有趣。讲故事的话,也许会更能接受吧。不知道福冈县和CC2有没有制作过まもるくん的动画?
Mamoru-kun is also mentioned on the Tail Concerto article on the English WikiFur, but it sounds as if he is a character from some game. If only that’s true. If Tail Concerto gets a sequel, I would be excited. But edutainment games are often boring, even more than simple lectures. A story would be more receivable. I wonder if Fukuoka Prefecture and CC2 made any animations of Mamoru-kun?

翻了下讨论页,竟然有卡库拉迪一年前对那一段提出的问题。一年以来都没有人回复。也许讨论页并不是协作的最好的方式。PukiWiki和“旧世界”的wiki软件一样,讨论大多在页面本身上进行。这种“主题模式”虽然很方便,却会把页面弄得很乱,而且没有解决讨论者还要手工排版的问题。但是PukiWiki有一个插件可以自动只显示最近的讨论,并且还可以自动排版,大大降低了讨论的门槛。这加上PukiWiki没有有效的防雷垃圾评论防护,使得麻痹怒气维基首页现在布满了勃起障碍治疗药的广告。
Looking at the talk page, there’s something Kakurady asked about that section… one year ago. Without any replies in the year. Maybe a talk page is not the best way for collabration. PukiWiki, like many wiki softwares of “the old world”, tend to have discussions happening on the page itself. This ThreadMode is convenient, but messes up the page pretty much, and does not solve the
problem of participants needing to format manually. But there’s a plugin for PukiWiki that automatically shows only the most recent discussions and formats them automatically, which lowers the threshold of discussion significantly. Adding the fact that PukiWiki does not have an effective protection against abuse, and MabiWiki main page is now full of advertisements of Erectile Dysfunction treatments.

奇妙的是 .hack//Wiki 的 Tail Concerto 条目要比 WikiFur 来的齐全。
Amusingly, the article of Tail Concerto on .hack//Wiki is more complete than the one on WikiFur.


(我的分割线哪里去了?
Where did my separator line go?)

什么?去年两门不及格?再不及格两门就要被开除了!这怎么行?
What? Two fails last semester? Another two and I’ll be kicked out? How am I gonna manage with this?

这怎么不行?
How am I not gonna mange with this?

另外,6月17日生日。
Also, birthday at June 17th.

过会儿会上图吧?
Maybe I’ll post some pics later?

[转]绿坝软件被发现存在严重的安全漏洞

转自 http://blog.cost.edu.cn/starry/?p=62

美国密西根大学的网络安全人员研究发现即将在中国境内销售的pc中强制安装的绿坝软件存在严重的安全漏洞,由于软件使用定长的缓冲区处理网页的url使得攻击者如果提供一个超长的url就可能导致程序发生缓冲溢出错误,精心构造的数据可以使得攻击者通过网页来利用该漏洞,成功利用此漏洞可以在用户的系统上执行任意代码。由于绿坝程序编写的不规范性,与此类似的漏洞还在该软件中大量存在。此安全人员建议用户暂时停用绿坝软件。

研究人员还发现绿坝软件用于图像识别的程序使用的是开源的OpenCV软件的图像识别库。而URL过滤黑名单使用的是美国商业软件 CyberSitter的黑名单库。可笑的是可能由于疏忽,绿坝的黑名单库中居然还包含一篇2004年的CyberSitter的新闻,仅仅是因为该新闻使用了与黑名单库相同的后缀名。

参考链接:
http://www.cse.umich.edu/~jhalderm/pub/gd/

实话说这三位作者在原文中并没有说他们发现了大量的类似漏洞,只是说他们在仅仅一天的时间内,就发现了两个重要漏洞,除了刚才所说的 URL 缓冲区溢出漏洞以外,还有下载过滤更新文件时使用 fscanf 读入定长缓冲区导致的另一个缓冲区溢出漏洞。由于网络过滤软件每天要面对用户的所有网络内容,这使得过滤软件非常容易受攻击,其漏洞的影响性也就十分严重。原文作者总结道如果绿坝像目前这样进行安装,将大大削弱中国的计算机安全。

不知道信息产业部对自己一声令下把全中国所有的电脑都变成乱发广告的肉鸡,会有什么想法?

Tabula Rasa

The new laptop arrived this Sunday. Of course, it had all this usual Dell crap installed along with Vista… but, with an empty personal directory, few programs and only a couple of bookmarks, instead of all my stuff I’ve been hoarding for no less than three years, but now gone, I have a strange feeling.

As if it was a blank state.

Well, it’s as good as any time to start doing things I always wanted to do!

新的笔记本电脑周日到达了。当然,和Vista一起预装了一大堆戴尔的垃圾程序……不过面对空白的文件夹和屈指可数的书签,而不是我积累了三年的各种东西,我有种奇怪的感觉。

如同空白状态。

反正现在开始做我一直想做的事情也是时候了。


XPS M1530: Windows 体验索引: 5.0/5.0/5.9/5.4/5.4,基本上和评测一样。奇怪的是 Vana’diel Bench 得分4641,和原来那台比起来没什么进步。