Borat is a comedy which includes all sorts of crass humor. It’s good and funny if you enjoy such jokes. I liked it and rate it 7/10.

Since Borat seemed like my kind of comedy, off I went to the theater with a friend one weekend to watch it. However, in keeping with the tagline for the blog — The art of keeping up with yesterday’s blogging — you are reading about it now about 7 weeks later.

Borat – Cultural Learnings of America for Make Benefit Glorious Nation of Kazakhstan is good if you like crass humor and don’t mind ethnic jokes or potty humor.

Sacha Baron Cohen has his own style which he perfected in Da Ali G Show. I like such humor and so laughed during most of the movie.

While those people in the movie who didn’t know that all this was an act brought the laughs on themselves, I can imagine Kazakhs might be miffed at Borat’s portrayal of their society.

I rate the movie 7/10.

Before the Dawn

This is a good book by Nick Wade which covers human prehistory as seen mostly from the study of genetics.

Before the Dawn: Recovering the Lost History of Our Ancestors is a book about human prehistory by New York Times Science section reporter Nicholas Wade.

This book explores human history from the development of speech to agriculture and settlements. Its focus is mainly on genetic information.

I liked the book as it is full of lots of interesting information about human prehistory. As a science reporter, Nick Wade is also good at writing science stories and hence keeps it interesting and accessible for the layman.

If I have any issue with Before the Dawn, it is that it should be thought of more as a series of articles than a book with a continuous flow through the chapters. Also, at a few places, it felt like the author was describing some current research which might or might not pan out in the way it is described. However, that is always a trade-off in such a book, whether to focus on the state of the art (which might be rejected later on) or write only about widely accepted ideas (which reduces the appeal of the book).

Overall, it is a book worth reading if you are interested in discovering humanity’s origins and development.

Chattahoochee East Palisades

We hiked the East Palisades area of Chattahoochee River National Recreation Area in November. You can download my track log as well as see photos I took on the trail.

The Chattahoochee River National Recreation Area is a fun place around metro Atlanta despite the pollution in the river. I wouldn’t recommend rafting in the river now (I did it countless times in the distant past), but there are some nice short hikes there.

Here is the track log of the East Palisades loop trail in GPX format.

You can also get park maps in PDF format.

Below you can see the trail we followed as well as some photographs. Since we hiked there in early November, you can see some nice fall colors.


Casino Royale

I am a big fan of James Bond and have seen most of the 007 movies. Casino Royale features a new Bond actor and is different than recent Bond fare. I rate it 7/10.

I am a fan of Bond movies and have seen most of them. So we went to the theater to watch Casino Royale.

This movie features a new Bond actor, Daniel Craig. And a new Bond too as his character becomes 007 at the start of the movie. This marks the movie out to be different than the typical Bond fare. For example, Bond does get hurt. He doesn’t have as many gadgets as in recent movies and has to work hard. The charm is of course there. And then there is Bond falling in love too!

Overall, this was a good movie. I would rate it 7/10.

Movable Type Security Bug

Movable Type 3.33 has a script injection bug if the nofollow plugin is disabled. Comment text is no longer sanitized as it should be.

Last month, Jacques Distler brought to my attention that Movable Type 3.3 had a script injection problem. Basically, any JavaScript entered in a comment would not be sanitized and would appear on the blog. For example, try typing this in the comment form:

<script type="text/javascript">alert('hi!');</script>

It looked like Movable Type was no longer sanitizing comments, which it did until version 3.2.

Since both our installations were heavily modified, we were not sure whether it was due to our code modifications or an inherent Movable Type problem. I checked at a number of other weblogs and found out that script injection was a problem at some but not at others.

I immediately brought this bug to the attention of Six Apart, the company that makes Movable Type. They confirmed the issue and clarified that it affected only those users who had disabled the nofollow plugin distributed with MT 3.33. They also asked me for 30 days before making the issue public so that they could work on a fix.

While there has not been any announcement by Six Apart on this matter, I expect that they would fix it in the bugfix release 3.34 currently being worked on in their code repository.

Meanwhile, if you are using Movable Type 3.3, here are your options. If you have the nofollow plugin enabled (which it is by default), you shouldn’t have a problem. Otherwise:

  1. Enable the nofollow plugin.
  2. Edit your templates by adding sanitize="1" to the MT comment tags, like this:
    <MTCommentBody sanitize="1"> and <MTCommentPreviewBody sanitize="1">.

UPDATE: It looks like the sanitize function is completely disabled when you disable the nofollow plugin as it isn’t sanitizing my entry text either.

UPDATE II: Movable Type 3.34 fixes the problem.
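
To check templates for option 2 above, the following added example (not part of the original post and not Six Apart's code) scans template text for the two comment tags named in the post and reports any that lack sanitize="1". The function name and the sample template are constructed for illustration.

```python
import re

# The two comment tags named in the post. The optional "$" covers the
# <$MTTag$> spelling that Movable Type templates also use.
TAG_RE = re.compile(
    r'<\$?(MTCommentBody|MTCommentPreviewBody)\b([^>]*?)\$?>',
    re.IGNORECASE,
)
ATTR_RE = re.compile(r'''(\w+)\s*=\s*(["'])(.*?)\2''')

# Constructed sample template, not taken from a real installation.
SAMPLE_TEMPLATE = """<MTComments>
<div class="comment">
<$MTCommentBody$>
<p>Posted by <$MTCommentAuthorLink$></p>
</div>
</MTComments>
<div class="preview">
<MTCommentPreviewBody sanitize="1">
<MTCommentBody sanitize="0">
</div>
"""


def find_unsanitized_tags(template_text):
    """Return (line_number, tag_text) for comment tags lacking sanitize="1"."""
    findings = []
    for match in TAG_RE.finditer(template_text):
        attrs = {
            name.lower(): value
            for name, _quote, value in ATTR_RE.findall(match.group(2))
        }
        # Only the exact setting recommended in the post counts as safe here;
        # a missing attribute or any other value is reported for review.
        if attrs.get("sanitize") != "1":
            line_no = template_text.count("\n", 0, match.start()) + 1
            findings.append((line_no, match.group(0)))
    return findings


if __name__ == "__main__":
    for line_no, tag in find_unsanitized_tags(SAMPLE_TEMPLATE):
        print(f"line {line_no}: {tag} is missing sanitize=\"1\"")
```

A clean result only shows that the templates request sanitizing. Given the first update above, confirm on a 3.33 install with the nofollow plugin disabled that the rendered comment is actually escaped, or upgrade to 3.34.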

Happy New Year

Happy 2007!

2006 CE has ended and 2007 beckons.

Happy New Year, everyone.