Sunday 30 December 2018

How to corrupt people terminal history navigation

Step 1, upload a youtube video with title contains emoji ➕ or ⌛, and use up 100 max characters, e.g.:


Now people download this video:

Now if he try to use video name in command line, it will start to corrupt the current line and also history. What this emoji does is its glyph occupy 2 lines "virtually" and then causes next line still navigate on the same line and overwrite current line. To make it take effect immediately, so I suggest use up 100 max characters which has better chance to corrupt current line immediately. Nevertheless, it will still corrupt all history lines when add longer command OR navigate command history.

He need to use sed to replace those malicious characters:

Ensure prefix with space to prevent save current command line to history.

Also this is hard to insert a new emoji to reuse the command, so we use gedit to prepare the command first and then copy-paste into terminal to run.

For safety, you should backup history first, then diff it after done to ensure no mistake on those commands:

Not all terminals has this bug, but konsole terminal has this bug since it doesn't support emoji as well like other terminals.

Friday 28 December 2018

火狐扩展 - Enable Selection

禁止选字, 右键, 拷贝, 菜单拷贝,方便菜单 google 搜索的反人类做法已经日益猖獗。

所以就自己临时学一下 js, 写了这个只有 ~20 行代码的超迷你火狐扩展, 可以重启被禁止的选字, 右键, 拷贝, 菜单。:

全部自动化, 不需要每一页去想要不要 enable, 非常适合小白。


中国报看不到 facebook 视频

[2019 一月更新]

才察觉我自己的这个 blog embeded 的视频不能播放,Chrome 可以,只有火狐不能。


点击当前页面的盾牌然后切换成 "Enhanced Tracking Protection is OFF for this site" 才能在火狐看我的 youtube 视频。

其它选择是去设置页面去掉 Cookies 的勾, 抑或保留勾但选择 "Cookies from unvisited websites" 也行。

晕, 连我这个程序员都没察觉 (日子久了忘了, 也不清楚重新安装火狐会否 sync 此设置) 火狐的设置导致视频看不了,更别说大众了。火狐你是否应该定期加个 popup 提醒呢?

听说 Chrome 也正在跟风搞这杰作。我在想你们搞这些 protection 有没有考虑过很多人不懂它会影响 embed 的功能, 然后 embed play 不到就变成很纳闷了。别说小白不会去解决, 而是一般人不大可能直觉是安全设置而只会归咎于网站的问题。

搜了一下有人问这件事,不过 答主胡乱回答一通 (回答之前不会打开不同浏览器测试或研究一下???),只好我来回答帮下。


如果你是用 Firefox 应该能察觉, 理应有视频的地方变成空白一片:

点击上面地址栏那个 “盾” 的按钮:

再点击 "Trackers", 可以知道 Firefox 已经 block 了 facebook, 所以 iframe 里头的 facebook video plugin 是看不到的:

点击 "Manage Content Blocking", 可以来到这页面:

从默认 Strict 改成 Standard 即可, 回去中国报, 重新打开页面:

即可看见视频。 ical 也有一样的问题, 不过 enable 再 disable 即可。

gcs alarm 抢戏票

用 crontab 每分钟跑, 一旦该戏 available to purchase 就会自动打开 gedit 提醒:

* * * * *  if curl -sLk '\%20BALL\%20SUPER:\%20BROLY\%20&opsDate=2018-12-29&control=DLePaymentMovies' -A 'Mozilla/5.0 (X11; Linux x86_64; rv:65.0) Gecko/20100101 Firefox/65.0' | grep '2018-12-29' | grep -i 'selected'; then echo 'Movie Dragon Ball Super available purchase now, fast fast booking :p' > /tmp/gsc; export 'XDG_CURRENT_DESKTOP=GNOME'; export 'GNOME_DESKTOP_SESSION_ID=this-is-deprecated'; export 'DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1000/bus'; export 'DISPLAY=:0'; gedit /tmp/gsc; fi