Via PhotoMatt (one of the lead WordPress developers), I learned that there’s a newly discovered security flaw in Movable Type that could allow spammers to commandeer your Movable Type setup as an e-mail gateway (by futzing with the comment page, since that already sends an e-mail to the blog’s administrator).

Fortunately, there’s now a patch available (via a plugin) which works with both MT 2.661 and MT 3.14. After downloading the patch, just upload it to your plugins directory and set its permissions to 755. That’s it. (If you need an ftp client which can set permissions, FileZilla is an excellent open source ftp client which can do that.)

Ah, TiVo. It works in mysterious ways. For those of you sans TiVo, each TiVo can be set to record “Suggestions” — these shows are recorded based on ratings given to past shows. And, over the weekend, I had discovered that my TiVo had recorded Go Baby for me. Now, I have no kids, so I wasn’t sure why TiVo recorded it for me. But I then remembered that TiVo also records some suggestions based on aggregating the shows I like with the shows that other TiVo owners like (sort of like the “you might also like” feature at some online retailers).

So, I looked over the show’s details and discovered that it was only five minutes — so, suckish or otherwise, I figured that I had little to lose. Not having ever heard of the show, I had no idea what to expect (though I did have a hunch that it could be a children’s show). Well, the show starts up and it stars this live-action baby, animated South Park-style, via animating and rotating among a variety of photographs of the baby. Still confusing? Well, it turns out that the Disney Channel — the network which airs it — has the entire episode online (just click on “Farm” to see the episode which I’m writing about).

So, there’s this baby — who mostly just giggles and gurbles — and the narrator talks to the baby and the audience. And, it’s mostly just that silly dialect which adults adopt when conversing with babies:

Narrator: Look, Baby is on a farm. Baby is looking for a lost sheep today. Will you help Baby find the lost sheep?

[narrator points to a pig]

Narrator: Baby thinks that’s a sheep! Do you think that’s a sheep? [pause] You’re right — it’s not a sheep!

[…]

I was only slightly drunk at the time, but I found it hilarious. And, as I watched it a second and third time, I noticed that the narrator’ voice sounded awfully familiar but I just couldn’t think of who it was. Then it dawned on me that it was Richard Kind (yeah, “Paul Lassiter” from Spin City, among other roles). In any case, I now have a Season Pass for Go Baby :).

There hasn't been a WordPress Meetup in a while (and I’ve never been to one) but it looks like they’re trying to get that started again. As a future WordPress user, I’m kinda looking forward to it — the Dallas Meetup is going to be tomorrow at 4:00pm at the Starbucks at Custer and Renner.

And apparently Ryan Boren will be there as well (he and Matthew Mullenweg are the two lead developers). Ryan also goes over some of the topics up for discussion in his blog entry about the Meetup ;).

The top secret release date for WordPress 1.5 will be revealed, and free “Licensed to Press” stickers will be given to those who agree not to gripe about nofollow. (Yes, I’m joking. No release date and no stickers for you.) […]

So, it looks like the official word is ixnay on the eleaseray ateday. All the same, it could be cool to get up to speed on all the new features going into WordPress 1.5 (and, yeah, they’re jumping from 1.2 to 1.5 because of all the changes since the last release).

I brought some cupcakes in to work last week and I thought I’d share the recipe here. Thinking over what I should bring, I was looking for something more substantial than a cookie, but still hand-held (for the sake of easier office eating). I soon narrowed it down to cupcakes and I looked through the cupcakes section of AllRecipes to see if anything caught my eye — and the Chocolate & Cream Cheese cupcakes sounded pretty good.

So, I bought some cream cheese and cocoa over the weekend and made the cupcakes later that week. I made them with Splenda and I’m pleased with how they turned out. And, other than the flour and chocolate chips, the cupcakes were relatively low carb (well, by cupcake standards, anyway). There’s also a photo of the cupcakes at the RD2 blog. Anyhow, on to the recipe:

Black Bottom Cupcakes I

Prep Time: approx. 30 Minutes
Cook Time: approx. 30 Minutes
Ready in: approx. 1 Hour
Makes 2 dozen cupcakes (24 servings)

Ingredients:

• 1 (8 ounce) package cream cheese, softened
• 1 egg
• 1/3 cup white sugar
• 1/8 teaspoon salt
• 1 cup miniature semisweet chocolate chips [regular-sized chips worked fine for me]
• 1 1/2 cups all-purpose flour
• 1 cup white sugar [or Splenda, natch]
• 1/4 cup unsweetened cocoa powder [I upped this to a heaping 1/3 cup, as recommended in the reviews]
• 1 teaspoon baking soda
• 1/2 teaspoon salt
• 1 cup water [I used a cup of milk instead, as recommended in the reviews]
• 1/3 cup vegetable oil
• 1 tablespoon cider vinegar
• 1 teaspoon vanilla extract

Directions:

1. Preheat oven to 350° F (175° C). Line muffin tins with paper cups or lightly spray with non-stick cooking spray. [I both lined and sprayed, just to be sure.]

2. In a medium bowl, beat the cream cheese, egg, 1/3 cup sugar and 1/8 teaspoon salt until light and fluffy. Stir in the chocolate chips and set aside.

3. In a large bowl, mix together the flour, 1 cup sugar, cocoa, baking soda and 1/2 teaspoon salt. Make a well in the center and add the water, oil, vinegar and vanilla. Stir together until well blended. Fill muffin tins 1/3 full with the batter and top with a dollop of the cream cheese mixture.

4. Bake in preheated oven for 25 to 30 minutes [I only baked mine for about 20 minutes, as recommended in the reviews].

The only change I might make would be to make extra cream cheese topping next time, as I almost didn't have enough for all of the cupcakes. But, other than that, I think I’d make these again sometime.

I’ve been working at RD2 since July and we started a company blog shortly thereafter (which was my boss’ idea, though I readily agreed with him). I hadn’t mentioned the company blog here yet, only because I didn’t want to prematurely announce a blog with only a handful of entries. But, it’s now been going well for a few months now and I thought it would be worth sharing.

My coworkers and I have been adding entries on everything from css-based image rollovers to the pumpkin scones at Starbucks. Here’s a sample of some of the entries which I’ve written:

• Image Replacement with CSS Based Rollovers — if you haven't dealt with non-rollover image replacement, it would probably make more sense to read the entry on regular image replacement first.

• The Holy Grail of CSS Layout Techniques? — Through a combination of floated page sections (content, navigation and so on) and auto-float-clearing, you can selectively clear floats (and not just clear floats straight across the browser window). This is pretty nifty, well, for CSS developers :).

• Hiding Text But Not From Screen Readers — You would think that you could just use display:none to hide text from visual browsers while letting it through for screen readers, but it doesn't quite work out that way. Fortunately, there’s a way around that.

• Back to the Firefox Trunk Builds! — The Firefox 1.0 release was based off the Firefox “branch” while development on the rendering engine continued on the “trunk”. What does all this mean? Well, the Firefox trunk builds are good enough to use these days and they’re worth a try.

• May as Well Set Floats to Display: inline — Floated elements are automatically set by the browser to display:block — or, that's what's supposed to happen, anyway. In IE, if you try applying a margin in the same direction of an element’s floating (such as margin-left on a float:left element), IE will double the margin! But, setting the floated element to display:inline can get around that.

So, I’ve generally written my more technically oriented entries at the RD2 blog while I’ve written much of my non-technical entries here. In some ways, it’s as if I have two blogs now, though I’m sharing the RD2 blog with the other people with whom I work ;).

I recently wrote a comment on Ask.MetaFilter, the gist of which is that I plan on switching this blog from Movable Type to WordPress (probably with the next major WordPress release, to save myself at least one upgrade cycle).

And, Anil Dash — the vice president of Six Apart, the Movable Type company — saw my comment and e-mailed me personally to ask why I had decided on that. Though I’ve e-mailed him a reply as well, I’m posting my response as an open letter here, in case other bloggers are considering the switch to WordPress.

Hi Anil,

Fancy running into you on the InterWeb. And, I believe we’ve met before at SXSW — I’ve played kickball both in ’03 and ’04 :). I also found a picture of me from the SXSW 2004 moblog.

I’m still planning on switching to WordPress and it’s primarily due to Movable Type’s new licensing. Sure, I can use 3.x for free as I limit my blog to one author and three or fewer blogs — which currently is the case — but why not switch to a publishing system without those limits, in case I want to add another author or a few extra blogs sometime later?

I think my thoughts on this are summed up well in DiveIntoMark’s essay "Freedom Zero":

“I do not have the freedom to run [Movable Type] for any purpose; I only have the limited set of freedoms that Six Apart chooses to bestow upon me, and every new version seems to bestow fewer and fewer freedoms. With Movable Type 2.6, I was allowed to run 11 sites. In 3.0, that right will cost me $535. […]”

Continuing along those lines, I can’t be sure that Movable Type 4.0 won't limit free use to one author + one blog — or even start charging for non-commercial use in general. Now, I take to heart that Six Apart is one of the most non-evil companies around and that such a scenario may be unlikely; but that’s not to say that it couldn't happen.

Anyhow, Anil, please don’t take this as anything against you personally. I’ve had a great time playing kickball every year and if you’re ever in Dallas I’d be happy to take you out for a beer (HHOS).

--
Alex Bischoff

Full disclosure: Grace Hill Media offered bloggers a free screening pass in exchange for writing an entry about In Good Company; I participated in that offer.

I saw In Good Company last night. I’d been seeing commercials for it on TV for weeks and a few ads appeared in my TiVo as well; and, it looked pretty good from those ads. To be honest, you probably already have an opinion about this movie, one way or another. And, if you liked what you saw in the trailers, you’ll like this movie.

One fault of the trailers is that they portray this as a fish-out-of-water story, which is only partially true. In short, 26 year-old Carter Duryea (played by Topher Grace) suddenly becomes the boss of Dan Foreman (played by Dennis Quaid) as he takes on the role of head of advertising at a sports magazine. However, that scenario is only a major plot device for about the first half hour.

Past that, it gets into personal and personnel relationships. In particular, Dan’s daughter Alex (played by Scarlett Johansson) becomes romantically interested in Carter. On top of that, Carter has to adjust to his new position within the company.

Really, I knew what I was getting into when I walked in to the theater — one run through the trailer clearly defines the scope of the film. All the same, this isn’t another paint-by-numbers romantic-dramedy. You may think you know what’s going to happen, but it doesn’t always work out that way.

At one point, I was even hoping for the ever-elusive Accountants Ending. (For those unaware, the “accountants ending” is the prototypical unexpected ending for a fictional work: Two men face off at the end, about to kill one another. Then, one interjects “Do you think we should just become accountants?” to which the other replies “Well, right-o. Let’s do that.”)

I enjoyed the characters and the film as a whole; and I also found the set design notably charming. In the scenes taking place within Dan’s house, the furniture, lamps and bookshelves all seemed authentic to a man of his position in life. The sets within the office-oriented scenes were also good, though I did notice an annoying tendency to use underlighting — such as from podiums and even conference tables — that I couldn’t imagine any actual office having.

Some critics describe a movie's worth in terms of whether it’s worth seeing in the theater, as a rental, or not at all. And, as I was walking out of the theater, I was trying to ask myself that question. I was generally leaning towards “maybe a rental”, but I think I’ll qualify that. If you liked the trailer and you like Topher Grace as an actor, you can’t go wrong with seeing this in the theater — it may not be high literature, but you’ll have a good time.

I do have a few minor gripes about the movie, primary of which is that the director and/or score composer didn’t always trust his audience to “know how to feel”. For the most part, the script could have stood on its own; but, there were times where I’d notice a sappy acoustic guitar piping in as if to say “See? You’re feeling all mushy inside, right?”.

In addition to that, Johansson’s lips looked swollen throughout the flick. I've seen her in other works, notably Lost in Translation, but her lips just seemed to big for her own face here. Really, in her first scene, I thought that the make-up artist had just done a shoddy job — that he/she had not “colored within the lines” when applying Johansson’s lipstick.

Another nit was Carter’s Porsche 911 Carrera. One of the first scenes clearly establishes him buying an automatic — as he drives out of the dealership, the camera cuts to a view of his hand putting the car into “D” or such. However, a running joke throughout the movie is that he can barely drive this car. Now, setting aside the cliche that is the Can’t Drive A Manual joke, the joke isn’t even relevant with an automatic transmission. Driving such a car is just a matter of pressing one’s foot down on the skinny pedal towards the right ;).

Bryan is aware of my penchant for JFDs — Jelly Filled Doughnuts, perhaps my favorite doughnut variety — and he brought some in to the office today. He brought in a variety of doughnuts from Krispy Kreme, including some raspberry JFDs. Well, how could I resist?

So, as I went through my usual morning routine of checking my e-mail and upgrading my browser, I made my way through the doughnut. And, the raspberry filling was a nice change of pace from the usual “red flavor” which goes into JFDs. It did seem a bit sweet to me at the time, but that’s probably just me since I don’t consume much sugar these days.

It’s now about an hour later and I’m wishing that maybe I didn't eat a whole doughnut. Calories aside, I feel a little woozy. In fact, in pondering the sensations from my midsection, it seems to resemble a punch in the stomach. I’m sure I’ll be fine soon enough but I didn’t expect that doughnut to have such a lasting impression ;). Note to self: Doughnuts may be delicious delicacies, but perhaps more so in moderation.

PS: Bryan, I still appreciate the gesture and I consider this purely my fault ;)

So, I suppose you've been wondering why TNG Klingons have bumpy heads while TOS Klingons have smooths heads? Or is that just me? Well, Sci Fi Wire is reporting that an upcoming episode of Enterprise will deal the subject. (For those unaware, Klingons in “Star Trek: The Next Generation” had alien-looking bumpy heads while the actors in “The Original Series” had no such prosthetics.)

In the episodes, the Enterprise heads back to Earth for the official launch of the Columbia NX-02, Starfleet's second warp ship, commanded by Erika Hernandez. Phlox is abducted by aliens and finds himself in the presence of Klingons who tell him the Empire is facing its gravest threat in centuries. Along the way, as Archer and company investigate and pursue, it’s revealed that one of our main characters has a secret past, which comes into play, the site reporte. […]

I did some additional investigation and discovered that the episode, Affliction is scheduled to air on February 18th. And, as I enjoy Enterprise, I’ll watch the episode when it airs. But I’ve never cared that much about this issue — I just figured that 60s television shows didn’t have those kind of makeup effects. (On the other hand, some Trekkers have completely over-analyzed the subject, to the point of hypothesizing scientific theories within the Star Trek universe which could have explained the discrepancy.)

Preface: Mashups are an art form where someone superimposes one song on top of another to form a brand new song. Wired has a good article on the phenomenon.

I recently ran across the darndest thing: a mashup of Nickleback + Nickleback. The original MetaFilter thread was back in April, so maybe I’m a bit behind the curve on this one ;). But, there was a recent follow-up thread when NPR covered the mashup.

And, unlike most mashups, this one wasn't done as a tribute to the bands involved. Rather, a fellow named Mikey Smith wanted to show his girlfriend that all of Nickleback's songs sound just about the same. And, in particular “How You Remind Me” and “Someday” could be combined almost eerily (with one song in each channel).

And, while the original threads don’t have an MP3 handy of the now-christened “How You Remind Me Of Someday”, this guy at Nintendorks has the MP3 on his server (yeah, I could link to the MP3 directly, but I figure that I could at least link to his entry about it if he’s donating the bandwidth for it).

Really, this mashup just weirds me out [and trying to figure out how to un-end that sentence with a preposition almost made my head explode]. The songs plod along at the same pace, the drum solos come in almost one-after-the-other and the choruses are almost in sync as well. I didn't like Nickleback before — though I couldn’t put my finger on it — and now I think I've figured out at least of my reasons ;).