My new wireless router came with a coupon for 50 free downloads from eMusic. Is there a particular strength that store has? It seems like mostly the usual unfiltered jumble of unknowns, with no good way to see what gems others have found and Todd Snider is the only one I know at all, with shovelware albums from some bigger-name artists mixed in.

Any suggestions for an artist or genre I could try out, or a better way to browse? The site also has a lot of scripting that my Firefox doesn't like.

It's bad enough when you're actually serving the data from your own site but it's in some form where you can't audit it. That's one of the many reasons I hate Flash.

But even Javascript sucks, when you <script src="someothersite">. The moment you do that, you know that all sorts of horrible things can go wrong. You just have to have faith. Faith is what it comes down to. And it can be justified, I guess, because you can get away with it for years.

Until this morning when our webpage was only showing for a second and then the whole thing would then redirect to someone else's site. Adios, visitors.

(What actually happened: the domain we were including from, apparently expired and now any http request goes to a Network Solutions page, instead of returning a DNS error like it should. Fuck you, Network Solutions, as if we didn't already know you're evil and dangerous. But the same risk remains even if someone's domain doesn't expire; they can always serve a different script today than they did yesterday, and that script can do anything with the DOM that it wants to. There's no way to sandbox it.)

It's "standard practices" to include external scripts. Everyone does it. The ad people aren't techies; if I were to tell them, "uh, we don't want to include any external scripts that might change from load-to-load, and we also don't want to include any Flash crap unless we've compiled it from readable, auditable source ourselves," they would think I'm crazy. You know, one of those open source fanatics. They would say, "Gee, that's a shame you don't want the money," and go on sending the same dangerous ads to our competitors while we collect nothing.

Is it really an unreasonable weirdo religious fanatic position, to just want to be able to make sure that stuff will work and not do anything crazy? I don't think so. The fucking "standard practices" need to change, but how can one person do that? *sigh* I feel so powerless.

I'm not qualified to have an informed opinion on the bailout bill, and I certainly understand the skepticism and hostility towards it. But I get the feeling that this was a huge missed opportunity to avoid disaster...

Anyway, Shanah Tovah to all Jewish readers!

houghi and mr.witherspoone, a couple of comments down on this exchange from the Saudi supercomputer story.

But I see Frank Mundus died yesterday. I read Monster Man as a kid, and remember it almost verbatim today.

I'm still not entirely sure what that commercial is selling (Oreos, right?) but I wonder if I'm not the only person who watched it and thought "The four of them of them totally ought to date!" They seem like they'd hit it off, actually, and it might be the only way the Brady-Bundchen/Monahan kids will get any serious competition.

Remember when there used to be those window managers whose big selling point was that you could do things to them in LISP, back when people still cared vehemently about window managers. We now have qtile which now allows the same thing in Python. I'll give it a try to see why anyone would want that, which I never understood for the LISP browsers.

Either I'm easily amused today or there's a lot to post about: Hal Porter on the Las Vegas Star Trek exhibit.

Chinese lab chooses abbreviation for their newly-invented copper nano-tubes -- points if you've already guessed where this is headed...

Fallingcow, on a pretty dumb Ask Slashdot. (Not dumb of the questioner, necessarily, but you'd think Timothy would know better.)

This deserves a front-page link but Friday afternoon at 4 isn't conducive to my composing a blurb: sudoku solving using Debian's package dependency resolver.

GMail's displayed ad:

As I read a news alert from Forbes: "Making Money Doing Nothin - TheRichJerk.com - I Cracked the Code to Making Money. Now I'm Rich and You're Not."

As I move on to the table of contents from Nature: "Labmeeting - www.labmeeting.com - A new free tool for scientists that organizes your paper collection."

badboy_tw2002 on Collimating Semiconductor Lenses.

Anonymous Coward, on liquid metal CPU cooling.

Out of the blue, I got an email from my mom. She's been corresponding with someone about some sensitive things, and asked how to encrypt her emails.

My writeup is 9 paragraphs long. *sigh* There's so way she's really going to be able to do all that without me eventually going over there.

This is on Mac OS X. Sheesh. A Unix that doesn't come with gpg out-of-the-box, and the preloaded mailer (mail.app) needs a hard-to-maintain 3rd-party hack just to get basic functionality: you call this "just works?"

I don't wanna turn this into a specifically-Apple flame (I know of another high-marketshare desktop OS maker that also makes some pretty shitty apps), so I'll just make this generic comment: mail encryption is a very fundamental thing and it's ridiculous for it to not be built into all desktops. That's like a web browser that can't talk https. The howto I sent to my mom should have been about key exchange issues, not installing plugins. It's a disgrace for any mailer to not have this. This kind of shit is half the reason crypto goes unused by so many people. It's a pain in the ass not just because of the complex concepts (e.g. learning how to exchange keys safely) but because the most highly-deployed apps don't even work as-is.