Pebble Watch

So I ordered a pebble watch, back in April, right before their kickstarter really started blowing up.1 And as far as I can tell, that was a terrible idea.

First, ship dates.

Estimated delivery: Sep 2012

Yeah. That was a joke. Now ok, demand was much higher than they anticipated. So yes, it’ll take longer to get everything ramped up.

But here’s the problem. That wasn’t the issue. They completely missed their ship date even if there were only 5% of the orders.

HACKER SPECIAL […] Estimated delivery: Aug 2012

Yeah. The SDK wasn’t nearly done by August. This isn’t affected by the amount of orders. This is software. You write it once for everything.

And looking at the examples of the software, it looks like the UI of something Palm made back in the early 2000s.

The demo video on kickstarter shows a smooth working product, but with every update, there’s just more and more evidence that everything in that video was just made up.

Second. What it can do.

Out of the box? Pretty much nothing. Use it for cycling or running? Nope. Nothing out yet. The golf picture on the kickstarter page? Nope. Nothing.

What can you do? Change the watch face. Change songs. Notifications. And umm, that’s it.

Third. PR/Marketing.

With all that money, they really should’ve hired someone for PR.

Tilt your wrist and the backlight turns on. AMAZING FEATURE!1!!!1 Yeah, my $20 Casio does that.

Only watch to display fuzzy time. EVER! Yeah, no.

Fourth. iPhone support.

Here’s the deal. The iOS is locked down. That’s pretty well known. There’s not much that can really be done until Apple changes their policy.

But don’t sell me something knowing that it doesn’t work.

Receive important notifications

They actually got lucky on this one. iOS 6 added Bluetooth notification protocol (MAP). Using it on my car, its kinda hit or miss. I get text messages, but that’s it. Push notifications, email 2, and new voicemails don’t get alerted.

But when it was announced, iOS 6 wasn’t announced, including any new features it brought, so notifications on iPhone weren’t happening. 3

Their response? Oh, it’s for android, except the whole promo video revolved around the iPhone. They are the more likely ones to buy these things. 4

1. Around 3-4000th backer.
2. At least on exchange. Supposedly works with IMAP, but would much rather have push email than fetch.
3. But mister James, mister James, there’s an API for the watch! All the developers have to do is… Nope. Developers around the work are going to modify/rewrite all their apps to support a watch, that 100k total exist? No. Sure, some will, but the vast majority will not.
4. Not that android users are cheap or anything, but I’m pretty iPhone users have a much greater tendency to buy useless tech stuff.

Burn bootloader for Arduino Duemilanove w/ Atmega328 using avrdude 5.10

This is using a new Arduino Duemilanove board with a regular Atmega328p, with no bootloader. I wanted to do the BitBang mode, since I didn’t want to get or make anything else, and the ArduinoISP, I didn’t have access to another Arduino. So I pieced together 3 different guides, I finally got it working.

This assumes you have a Duemilanove with Atmega328p. Running Ubuntu 9.10, though really any distro will work, though how you get the dependencies will vary. Also, you have the Arduino IDE installed to /usr/share/arduino, which if you install using the deb source method, it will be.

First, setup the Arduino as shown here. I used the first wiring guide, but either should work.

Next, setup avrdude on Ubuntu. I followed this guide, but used avrdude 5.10, instead of 5.8. The commands remain the same, except instead of downloading 5.8, you download 5.10.

Here’s what I ran:

tar xfvz avrdude-5.10.tar.gz 
cd avrdude-5.10/
for i in 8 7 6 5 4 3 2 1 0; do wget -O patch-$i.diff$i; done
for file in patch-*.diff; do patch -p0 < $file; done
tar xzf libftd2xx*.tar.gz
cp libftd2xx*/static_lib/* .
cp libftd2xx*/*.h .
cp libftd2xx*/*.cfg .
cp /usr/share/arduino/hardware/arduino/bootloaders/atmega/ATmegaBOOT_168_atmega328.hex .

Then you edit the file, Makefile:
LIBS = -lreadline -lncurses -ltermcap -> LIBS = -lreadline -lncurses -ltermcap ./libftd2xx.a.0.4.16 -lrt

Then just run make.

Third, run:

sudo ./avrdude -C avrdude.conf -c duemilanove -P ft0 -p m328p -t -B 4800

And in that:

w efuse 0 0x05
w hfuse 0 0xda
w lfuse 0 0xff

This sets up the efuse, hfuse, and ifuse values. This has to be run at a lower baud rate.

Fourth, run:

sudo ./avrdude -C avrdude.conf -c duemilanove -P ft0 -p m328p -U flash:w:ATmegaBOOT_168_atmega328.hex

The bootloader has been flashed. Lock it by running:

sudo ./avrdude -C avrdude.conf -c duemilanove -P ft0 -p m328p -t

And enter:

w lock 0 0x0f

Now, your Atmega328 should be ready to use. You can try it by uploading the example Blink from the IDE.

Twitter Push Notifications with Prowl without Growl

Prowl has an API. Just found that out. Even has a python module written for it, that’s already been forked many times.

So I made a twitter push notification script.


Runs every minute and pushes any new timeline posts to you. Really simple. Just throw it on a server or any box that’s running full time.

RSS and Gmail scripts coming.

Ubuntu Notification Daemons

The new notifications system in ubuntu is actually pretty slick, but having to run multiple apps to get the notifications is annoying.

So, time to make daemons for the notification system.

First, and only currently, is the twitter pseudo-daemon. And it’s wiki page.

Currently working on switching to an actual daemon and a gmail daemon, though python-libgmail is failing hard.

Any suggestions, post them.

Paintball Headlines Theme

I said I would post the theme for headlines when I thought it was acceptable. There are still problems, but whatever.

Anyways, this theme is based upon this tutorial theme, but changed to have multiple author support, support tags and categories, and be a double right column instead of a column on both sides. There are a few other little changes in there.

Github Repository

I’ll try to update the theme whenever I change anything; I just have to remember to do a svn ci each time.

To run by default and not get errors, you need do need a few plugins, like wp_dtree. There’s also a classifieds plugin that I wrote just for headlines that’s needed, but I don’t plan on releasing that, since it contains db info and it’s pretty much just a MySQL query. In sidebar.php, just comment out the get_classifieds_new(10); code.

Edit: Changed to Github, since DevjaVu went away.

Python Random Show Player

This is a pretty simple little script I coded a while back that will play an n amount of randomly picked shows from a collection of shows.

Like, “ 5” will play 5 randomly picked episodes back to back. I usually use this to cue up some shows right before going to sleep. It’s better than flipping through channels trying to find something to watch.

By default, it uses a gui-less mplayer in full screen to play the videos. You can edit the playback command to use a different video player or use different settings.
Note: It expects the video player to exit after finishing playback. Mplayer does this by default (without the gui), but VLC, Xine, etc. don’t.

To use, edit the first part of the file with the location(s) of your video files and the commands if needed. Run python rescan to generate your collection file. Then run python to play a random show.

This was made and used on linux, but it should also be compatible on Windows, though you might need to edit the commands.

I’ll probably edit this to have better control over collections, a playlist option that’ll just generate a playlist so you can use VLC or other video players. If you have any suggestions, let me know.

I’m also making a movie version, that will also support browsing of the collection (probably just via a web interface), and support multiple CD versions and archives. It’ll be more like MythTV, but allowing less overhead.

Download randomshow.txt (rename to or randomshow.tar –help

Random Show 1.0 – James Wilson [option] [count]

For 1 random show

For n random shows n

Rescan your collection rescan

Use different collection and play 1 show. If collection doesn’t exist, it will use default. latenight.txt can be any collection text file. latenight.txt

Use different collection and play n shows latenight.txt n

Rescan different collection rescan latenight.txt

Create new collection create latenight.txt “/media/tv/”

Example rescan output:

From location(s)
[‘/media/My Book/downloads/tv/’, ‘/media/hdb1/Documents and Settings/User/My Documents/My Videos/tv/Futurama’, ‘/media/hdb1/Documents and Settings/User/My Documents/Fastlane’]
Clearing collection file
Added 113 King of the Ant Hill.avi
Added 110 Keeping Up With Our Joneses.avi
Added 104 Luanne’s Saga.avi
Added Fastlane – 120 – Asslane.avi
Added Fastlane – 121 – Dosed.avi
Added Fastlane – 122 – Iced.avi
Collection built – 696 files

Example collection file:

Random-Show-Collection-1.0;shows.txt;/media/My Book/downloads/tv/,/media/hdb1/Documents and Settings/User/My Documents/My Videos/tv/Futurama,/media/hdb1/Documents and Settings/User/My Documents/Fastlane
/media/My Book/downloads/tv/koth1/113 King of the Ant Hill.avi
/media/My Book/downloads/tv/koth1/110 Keeping Up With Our Joneses.avi
/media/My Book/downloads/tv/koth1/104 Luanne’s Saga.avi
/media/hdb1/Documents and Settings/User/My Documents/Fastlane/Season 1/Fastlane – 120 – Asslane.avi
/media/hdb1/Documents and Settings/User/My Documents/Fastlane/Season 1/Fastlane – 121 – Dosed.avi
/media/hdb1/Documents and Settings/User/My Documents/Fastlane/Season 1/Fastlane – 122 – Iced.avi

WordPress YouTube Sidebar Video Plugin

This is a plugin based on the YouTube widget. It’ll display a YouTube video, most likely in your sidebar, by calling the youtube function which you can specify the url, width, height, and if it’ll autoplay. It’s not much, at all, but meh.

Download (youtube-plugin.tar.gz)

This plugin is one function called youtube that will display a YouTube video. It’s pretty much the same as copying the embed code from YouTube, but will allow you to change the width and height much easier.

I’m not going to go too much into this, so here’s the whole calling it premise. You would place this in your template in php tags.


Display a video with default width and height (250×165)

Display a video with custom width and height (500×330)

Display a video with default width and height (” will cause it to default), but autoplay

Display a video with custom width and height and autoplay

Download (youtube-plugin.tar.gz)

You’re In My Server, Looking At My Plugins

Apparently, people realized that if they have their folders indexable, they could be indexed. OMG! And that you can view you plugins directory via Google. Holy crap!

First off, their google dork isn’t even right. Index of /wp-content/plugins should clearly be intitle:"Index of /wp-content/plugins" or else I’ll get your’s and this shitty post in the results.

But that’s not even that good. It only applies to people with their blog hosted in the root directory. If you have it in the blog/ directory, you don’t get hit.

So now, the query should be intitle:"Index of"+intitle:"/wp-content/plugins". This returns about 50k more results.

But what about the usefulness of this?

Let’s say there is a vulnerability in the “Share This” plugin.

We can try the directory way that’s supposedly so vulnerable. intitle:"Index of /wp-content/plugins" share-this.php 40 hits

Or a better method. We know that the plugin adds a link called “Share This” to every post. Don’t believe me? Scroll down a bit and you’ll see it. So we can search for “Share This” on pages with the word wordpress, since that’s usually in the footer, but not if it uses the word plugin, since it’s probably talking about the plugin itself or have wordpress or Share This in the title since it’s likely to also just be talking about the plugin itself. wordpress+"Share This" -plugin -intitle:"wordpress" -intitle:"Share This" 3.3 million hits.

Sure, there will be false positives, but there’s a much greater changes of having a much bigger impact. Who cares about the false positives? If it doesn’t work, it doesn’t work. Just move on. You could start it at night and have tried all the sites before even waking up, well, maybe, probably not, but you’ll have a lot more than 40.

I’m thinking the severity of the whole directory being exposed is a little dramatic. Yeah, it’s probably better if it wasn’t indexed, but it’s not killing anyone. Now, if you have a password in there, that’s a different case.

In fact, here is my plugin directory. (I have indexes off by default, mainly because netfirms doesn’t use Apache’s indexing thing)

% ls -lA wp-content/plugins
total 1400
drwxr-xr-x  2 2701791  552     512 May  8 18:41 404-notifier
-rw-r--r--  1 2701791  552    4667 May  8 18:41 404-notifier.tar.gz
drwxr-xr-x  3 2701791  552     512 May  7 22:18 PostToTwitter
-rw-r--r--  1 2701791  552    2134 May  7 22:16 PostToTwitter.tar.gz
drwxr-xr-x  2 2701791  552     512 Apr 21 16:03 akismet
drwxr-xr-x  2 2701791  552     512 May  8 18:41 comment-relish
-rw-r--r--  1 2701791  552    3536 May  8 18:35 comment-relish.tar.gz
drwxr-xr-x  2 2701791  552     512 May  7 22:18 easy-auctionads
-rw-r--r--  1 2701791  552    7542 May  7 22:16 easy-auctionads.tar.gz
-rw-r--r--  1 2701791  552   54904 Apr 21 15:20 goog.tar.gz
drwxr-xr-x  2 2701791  552    1024 Apr 21 16:20 google-sitemap-generator
drwxr-xr-x  5 2701791  552     512 Apr 21 16:49 gregarious
-rw-r--r--  1 2701791  552  109199 Apr 21 15:49 gregarious.tar.gz
-rwxr-xr-x  1 2701791  552    2025 Oct 25  2006 hello.php
-rw-r--r--  1 2701791  552    5152 Nov 16  2006 ol_feedburner.php
-rw-r--r--  1 2701791  552    1861 Jul 24  2006 sem-unfancy-quote.php
drwxr-xr-x  2 2701791  552     512 May  8 18:40 share-this
-rw-r--r--  1 2701791  552   14032 May  8 18:35 share-this.tar.gz
drwxr-xr-x  2 2701791  552     512 May  7 22:17 stats
-rw-r--r--  1 2701791  552    5213 May  7 22:16 stats.tar.gz
drwxr-xr-x  3 2701791  552     512 May  8 18:41 subscribe-to-comments
-rw-r--r--  1 2701791  552   16017 May  8 18:36 subscribe-to-comments.tar.gz
drwxr-xr-x  2 2701791  552     512 May  8 18:40 twitter-tools
-rw-r--r--  1 2701791  552   17148 May  8 18:36 twitter-tools.tar.gz
drwxr-xr-x  4 2701791  552     512 Apr 21 21:47 widgets
-rw-r--r--  1 2701791  552   26579 Apr 21 20:48 widgets.tar.gz
drwxr-xr-x  2 2701791  552     512 Apr 21 16:20 wp-cache
-rw-r--r--  1 2701791  552   47104 Apr 21 15:21 wp-cache.tar
-rw-r--r--  1 2701791  552   31091 Jul 26  2006 wp-db-backup.php
drwxr-xr-x  4 2701791  552     512 Apr 25 12:54 wp-syntax
-rw-r--r--  1 2701791  552  309747 Apr 25 12:56 wp-syntax.tar.gz

Yes, I download the zips then convert them to tarballs, that’s why all of my widgets are available in both formats.

But it also raises another question, how many of those do I have enabled?

404Notifier? No. PostToTwitter? No. akismet? Yes. Comment-relish? No. Easy-auctionads? Hell no. Google Sitemaps? Yes. Gregarious? No. Hello Dolly? Fuck no. Feedburner? Yes. Unfancy quote? Hell yes. Share this? Yup. Stats? Yes. Twitter tools? I had to check, but yes apparently. WP Cache? Yes, WordPress is too slow without it. DB Backup? Yup. WP Syntax? Yes, I likes me fancy highlighting.

10 out of 16 enabled. Does it mean that they can’t be exploited without being enabled? Not necessarily, but to an extent, yes. It should die when it gets to an add_action call, unless someone allows it to execute other PHP code or include other files before calling add_action. Though they probably shouldn’t do it in the first place. include($_GET['file']); comes to mind.

And if anyone is wondering where all the scripts are, I’ll have a couple of widgets soon and another couple of python scripts.

New Paintball Blog

Eh. A little self promotion never hurt anyone.

I’ve launched a new paintball blog on the grounds that all others suck. (Paintball Journal, you aren’t that bad, just the site itself sucks. If you were self hosted and less ad-ridden, you would have my support).

It’s available over at, or you can subscribe to the feed.

It’s not too much now, but hopefully it’ll grow into something more.

If you want to write for it, you can. You need to have some knowledge about paintball, or at least some interest in it. Just tell me some info about you, make an account over there, and I’ll promote you to an author. Currently, there’s no monetary incentive. If I do happen to put ads on it and make a profit, it’ll be split between everyone.

WordPress Reddit Widget

Number 8 in Widget-A-Day is a reddit widget.

It’ll display your latest liked items on You can edit the display, count, and username.

Not much of widget (can be kinda done via the RSS widget), but it’ll be the closer in Widget-A-Day. I might have one on Saturday, but there’s no guarantee. It’s been fun. Hopefully someone has found these useful. I’ll do it again sometime. If you have any problems, suggestions, or whatever, let me know


SVN Checkout
svn co

Default display:

Admin panel:



  1. Download
  2. Extract and upload reddit.php to the plugins/ directory
  3. Enable reddit Widget in the Plugin admin panel
  4. In widget admin panel, place reddit in the sidebar, and edit it to enter your username


  • Displays your latest liked items (on
  • Completely customizable display
  • Caching for large traffic sites


There are 3 parts needed to format the output.

The first part, called items start in the admin panel, is the first part of the widget after the title. For the default formatting, this is just <ul>.

The second part, called items end, is the ending of the widget. By default, this is:
<a href="%profile%" style="float:right;">%username%</a>

The third part is what is called for each item. By default, this is:
<li style="list-style-type: none;"><a href="%link%">%title%</a> (<a href="%more%">more</a>)</li>

The premise of calling each value is this:

  1. start
  2. item
  3. item
  4. item
  5. end

The formatting for items is:

  • %title% – Title of the item
  • %link% – Link to the item
  • %desc% – Description of the item – Just [link] [more] links
  • %date% – Date the item was submitted (ISO)
  • %more% – More link – The link to the comments
  • %number% – The number of the current item

The formatting for start and end is:

  • %username% – Your username
  • %profile% – Link to your profile
  • %rss% – Link to your profile’s RSS feed
  • %count% – Number of items shown