Content-type: matter-transport/sentient-life-form

Montgolfiade in Münster

Montgolfiade in Münster

Montgolfiade in Münster

There were some of these today when I looked out the window. But it wasn't just that - after I had looked out for a bit, there were whole swarms of them to be seen. It looked pretty cool.

The pictures aren't particularly good, they were quick shots without much planning - even though balloons aren't really fast, when you see them in a herd like that, you realize that they do change position quite quickly.

And yes, there really were a few bottles of Potts, a cola bottle, and an ice cream cone flying around in the sky ...

Montgolfiade in Münster

Montgolfiade in Münster

Montgolfiade in Münster

News from the Gallery project

News from my Django Gallery project: it's coming along nicely. If you want sample code for AJAX with Django or XML-RPC with Django - look into it's source. I implemented parts of the blogger API, metaWeblog API and MoveableType API - just enough so that Photon can post pictures to my gallery. AJAX is used for logged in users to change the title of pictures and folders by just clicking the title and for activating the toolbox on the backside of pictures. Additionally the gallery includes the usual PIL stuff like thumbnailing - I am especially proud of the flipped corner look for folder thumbnails Other stuff worth looking into might be the usage of lazy evaluation to push stuff into the template without precalculating it - it's only calculated when the template actually uses it. And interesting might be the abstraction of the filesystem based content - only the base path is stored in the database model, the rest of the gallery is in the filesystem (and can so be easily managed with FTP, SSH or directly on the unix shell).

Additionally you might look into it for handling of authentication - user registration isn't yet done, but will follow some day. As will comments and RSS - but I have to write that, first. And I am starting to write documentation - docstrings in the code and documentation pages in the wiki.

iTAN method not secure either

The iTANs (indicated TANs - as recently introduced by the Postbank) are also not the be-all and end-all against phishing attacks. The classic attack would simply be to redirect the user to their own site during phishing and then process the transaction with the bank in parallel with the user's inputs - but of course in a different form than shown to the user. Instead of simply requesting a TAN, the bank server is first contacted and the TAN required from there is then requested from the user. With this TAN, a booking can then be made problem-free while the user spends time on the supposed security update - or whatever the phishing attack pretended to be.

The RedTeam has compiled a scenario and spoken to the banks:

According to a survey by the RedTeam, the problem described was largely understood by the banks, but not taken very seriously. They wanted to continue to adhere to the presentation of secure iTANs. One bank argued that the attack would have to be very quick and take place within seven minutes. Another institution wanted to distance itself from its statements only after the first case of damage to a customer had occurred.

The same arrogant attitude that banks have always taken against abuse - instead of addressing the problems themselves or actively describing security issues and thus taking customer maturity seriously - is being dismissed and lied about. And for such nonsense, we then have to pay booking fees.

JavaScript + CSS Box Model Puzzle

So, I have this HTML table. All the TDs are centered with their content using text-align: center. In these TDs, I have two DIVs displayed on top of each other. The top one contains an IMG, and the bottom one just contains some text. Both contents are also centered. Now, using JavaScript DOM functions, I swap the top DIV with the IMG inside it with another DIV that contains two DIVs, which in turn contain text. The texts in the inner DIVs of the new DIV are centered. However, the DIV itself, which contains the inner DIVs, is no longer centered relative to the encompassing TD. The problem is reproducible with Safari and Camino - somehow the "align content center" property is lost for the newly added elements. I've tried all possible CSS attributes and experimented with everything (e.g., checking if the old DIV with the IMG inside or the IMG itself has a value for left), but for some reason, it just won't work.

The background for all this: when you click on an icon, an IMG should be completely replaced with a DIV of the same size, containing some switches with which properties of the IMG can be changed. Basically, something similar to the widgets in Dashboard - configuration on the "back" of an image.

At the moment, I'm only taking over the height of the image, so the vertical alignment is perfect. However, the horizontal alignment remains dynamic. If I have two cells on top of each other and both switch to configuration, the table changes in width. This causes ugly jerking. But I don't want to statically expand the TDs, otherwise the layout would no longer dynamically adjust to the browser width.

Oh, and all this has to work with Safari, it's finally my main browser.

Update: in the comments, there are links to test pages with which you can see the effect.

Karlsruhe clears the way for new elections

Am I the only one, or does anyone else feel like Karlsruhe wanted to avoid the discussion about the legitimacy of the new elections? The justifications read as if a blank check has now been issued for the Chancellor and the President - if the two agree, the Bundestag is gone in a flash. An allegedly bad prognosis and the consent to it are enough ...

Why do we even have rules for the dissolution of the Bundestag in the Basic Law if the Constitutional Court apparently doesn't care much anymore?

JavaScript and the escape() Function

Note to self: escape() in JavaScript is only suitable for latin-1 - a utf-8 string with special characters sends these as latin-1 characters over the line. Pretty stupid when you're tinkering with a form via Ajax and then sending a value to a function in the backend that actually expects utf-8. encodeURIComponent is the answer, not escape.

MochiKit - First Experiences

I had already briefly mentioned MochiKit – A lightweight Javascript library. I used it at viele-bunte-bilder.de (offline since 2007) (so that the owner of a gallery could change the image names and folder names). Pretty brilliant small library for JavaScript. Makes working with JavaScript much more pleasant.

Armstrong EPO-doped in first Tour victory?

Apparently there is evidence that Armstrong doped during his first Tour de France victory:

In six urine samples taken from Armstrong during the 1999 Tour de France, doping researchers found EPO in tests conducted for scientific purposes five years later. Dr. Jacques de Ceaurriz, the director of the laboratory that conducted these tests, confirmed on Tuesday a corresponding report in the Tuesday edition of the sports newspaper L'Equipe.

A pretty big deal, all of this. And it doesn't look like this time it's just unfounded allegations.

Is Aldag quitting?

Oh man: Rolf Aldag ends his 15-year career as a professional cyclist at the end of the season. It's not that simple. I liked the rumor version - where he leaves with Zabel to Domina Milka - better. Okay, I wish him a good retirement and maybe we'll get to see him commentating on bike races more often, because he can definitely do it more competently than the sleeping pills of the ARD and ZDF sports editorial teams, but somehow I will miss him as a rider.

Canon EOS 5D, full-frame 12.8 megapixel

Well, the rumors were spot on regarding the Canon EOS 5D - unfortunately also regarding the price. A few hundred euros less would have been nicer. The technical specifications still sound great even the second time around. Now I just need to somehow convince my bank account to take on the right sign and change color.

Poor Jörg Jaksche - again

Oh man, another breakdown on the stage in the final climb and then someone snatching the stage victory from him again, even though he fought back after the breakdown. Somehow, it just isn't working out with a stage victory for him. Really a shame, because he's impressively fighting at these extremely steep mountain finishes.

Also impressive: Jan Ullrich lost 30 seconds to Levi Leipheimer. That's already a significantly better cushion for Leipheimer for the time trial. In the Tour, it was 2:50 over 55 kilometers - in this 33-kilometer race at the Deutschland Tour, this could potentially save Leipheimer's overall victory, which he was able to extend to a 1:29 lead today.

Now it will be shown in the time trial how strong Leipheimer is - he can actually do it, especially when he's in good form. And that seems to be the case at the moment. On the other hand, Jan Ullrich is an absolutely outstanding time trialist, so everything is definitely still up in the air.

PostgresPy

PostgresPy is a collection of various Python modules around Postgres. Server-side and client-side.

DjangoGallery - sample app with sample installation

Mal wieder englisch, da auch für #django interessant I have uploaded the source and made available the repository and a trac instance for my django projects. The first one that's there is the DjangoGallery - that's what I am using at viele-bunte-bilder.de. I have written a first take at an installation instruction that shows how to get the gallery running on your own site - you could even integrate it into your own project (although you will have to do some minor source changes - mostly replacing the projectname "gallery" by whatever your project is called).

The application isn't fully done, yet. There are many plans on how to extend it, as it will be my main motiviation to remove all other gallery software I am running (I already replaced PHP Gallery and now I am targeting my old mod_perl stuff and last one will be attacking my Wordpress based gallery), so be warned that it will change over time.

If you find bugs, feel free to file tickets. You can file enhancement wishes, too - but since the main target of this project will be to replace my own other gallery projects, it's doubtfull that I will do much work besides what is needed to reach that goal. At least for now - there's no limit to what can be done to the code after I phased out all PHP and Perl code

Since 2007 these links are non-functional, so I removed them.

Kibot

Kibot is an IRC bot written in Python. With a simple plugin interface, you can let it loose as an all-round bot on a channel.

Competence, Incompetence, Incontinence?

No idea what it is, but I find it cute to appoint someone to a competence team whose ideas are not in line with the party's own program. I mean, decent social democrats usually wait with the dismantling of their experts until these at least had the chance to pretend to understand their job, but what the Union's Kauder is doing here can only be described as an accelerant

Post 5000

Wow. This is seriously the 5000th post in the database.

Amazed face

first Django application live

So, my first Django application is live - not finished yet, but at the moment already so good that it's better than the old PHP mess that was running before. And it's about my image gallery at viele-bunte-bilder.de. At the moment there is user registration and everything related to it - but I'll probably implement that later. Or maybe not. Let's see.

In any case, it's already quite nice - I can upload pictures directly from iPhoto again (which was the most important advantage of the old gallery software) and the files are in the filesystem, not in a database - which was also quite an important point.

The software itself is of course available - anyone who wants to browse, I have set up a Trac instance with my Django experiments.

Since 2007 nothing has been online.

ObjectiveCLIPS

Way cool: Objective CLIPS is a new development environment for OS X. From the description:

Using Objective C runtime introspection, CLIPS, and FScript, it is possible to write intelligent Cocoa applications. Any Objective C object can be asserted as a fact in CLIPS, however, CoreData provides an additional meta model along with object persistence.

CLIPS is an expert system environment that is based on a Lisp dialect and enables the management of rules and facts, as well as reasoning about them. FScript is a scripting language inspired by Smalltalk that works directly with the ObjectiveC classes in OS X. Both together should enable pretty cool things, especially since databases and documents can also be easily created with CoreData. And both languages (CLIPS and FScript) I found quite interesting in my experiments with them - CLIPS was even used by me for a longer time as a "Lisp replacement", because it is indeed a rather old-fashioned Lisp, but is equipped with powerful additional abstraction possibilities.

RSS 3 - twice

Again someone who thinks they can create a great new format: RSS 3.0 - and that someone is too stupid to google first. Because otherwise they would have stumbled upon RSS 3.0 and maybe thought about it.

Oh well, thinking isn't one of the usual activities of great inventors of syndication formats, as we already noticed in the discussion around Atom. I'm still convinced that all syndication formats are a large-scale net psychological test.

Heise also has something about it. And just like Rogers Cadenhead - who is on the RSS Advisory Board.

Writing PlugIns

Writing PlugIns describes how to create iPhoto Exporter Plugins. Could be quite interesting.

SHA-1 is going down the drain

In any case, if the 2^63 attack against SHA-1 that was just announced hits. Now, the first reference implementations will probably be targeted. 2^63 is quite crackable with today's computing power, there are already some initial experiences. And thus, it is probably only a matter of time before, similar to MD5, hash collisions for real documents can be produced. It's quite strange to see how the field has changed in terms of the computing power that can be brought to bear.

1&1 is acting up

Now there's a forced redirect:

When customers of the provider 1&1 in Karlsruhe establish a new DSL connection and then start the browser, they are now always shown the 1&1 portal.

Great. And if these first requests come from some scripts of a server at the DSL connection, the scripts will fail. Just because 1&1 had another rarely stupid idea. And we have to explain to the customers again why something obscure doesn't work - and all of this just for marketing nonsense.

The world is ending in 2029

Because the sky will fall on our heads. Which is a good thing, because in 2037 the Unix epoch will expire and all computers will go crazy. And so we are spared the chaos.

Oh, and whoever believes all this, I have a very nice bridge to sell ...

anonymous sessions

Django has taken an important step for the release 1.0: anonymous sessions. Sessions were previously tied to user login in Django, but now it also works without registration. Much nicer than creating thousands of cookies for the user.

Cooperative Linux

Cooperative Linux is a port of the Linux kernel as a Windows application. This allows you to run Linux as a Windows application without needing a virtualizer like VMWare.

CRUD with Django

Create, Read, Update, Delete - the standard functions of classic interfaces - can be easily assembled with Django. For this, there are Generic Views. On Postneo there is now a CRUD Tutorial, which shows how simple such interfaces can be put together with Django.

London: Doubts about the police version in the Menezes case

There are legitimate doubts about the police version in the Menezes case in London:

A surveillance video shows that the 27-year-old was wearing a light denim jacket and did not behave suspiciously in the subway station, the broadcaster reported. He calmly entered the station, accepted a free newspaper, and took the elevator to the platform. Only there did Menezes run to a train and take a seat in a carriage. A witness also stated that the trained electrician was overpowered by an officer. Shortly afterward, police officers shot Menezes multiple times in the head. An autopsy revealed that the body had seven headshots and one entry wound in the shoulder. However, the police had fired three more shots whose projectiles had not yet been found, ITV continued.

And how do all the shoot-to-kill advocates explain this away now? So they don't have to think about the madness of their stance?

Something interesting in Rails

Finally an application in Ruby on Rails that goes beyond the usual example applications - and is not just a weblog or a totally pointless to-do list management or something similar: VitalSource is an iTunes-like application for books with a corresponding backend and a frontend also based on Rails (but integrated into the application):

Apparently their backend applications have been running Rails for a while. But they've recently released their client software, and it runs Rails as well. Except... you won't see it running in a conventional browser. As the picture shows, the Rails app runs embedded within the client executable: in the case of the Mac client it uses WebKit to render the responses from the Rails app.

I was already fed up with all the Rails applications - which all sounded like textbook exercises.

A comparison of Django with Rails

A comparison of Django with Rails is a rather good comparison of Rails and Django. However, comparing two systems that address quite different topics is naturally quite difficult - but the article at least tries to position the two frameworks against each other.

Poor Jörg Jaksche

Also honest. Someone snatches the stage victory from him at the finish line. Sorry, but sometimes cycling is really unfair. Too bad - I would have given today's stage victory to Jörg Jaksche, he really kept attacking. Twice less looking back and maybe he would have won after all.

Living Data

Funny title, isn't it? Well, I just noticed something while dealing with web frameworks and other applications, specifically in the Ruby and Python environments. Namely, the way mini-data is stored and how configuration data is handled, for example.

In the Java environment, there is an inflation of XML mini-languages - mountains of dead data. Dead because this data only exists in XML format and can only be processed and modified using XML tools. For example, if I have constantly repeating or algorithmically describable configuration blocks (e.g., a mountain of quite similar-looking URL patterns for a web framework), I can only generate these using XML tools - e.g., generate them from simpler formats using XSLT. Or I write small tools for this.

In Ruby, the situation is similar - only that instead of XML, YAML is used here. Ultimately, however, this is not better - the configuration is still a dead file.

But both in the Python environment and in various other dynamic languages, there is a good alternative to this: just use a module in your programming language. For example, Python modules live - if the structure is complex but partially repetitive - simply write a small Python function that helps with the dynamic creation of the config. If the config should partially come from database contents - simply write a Python function that reads this data from the DB at runtime and mixes it into the config. Living configuration data, after all.

Of course, security issues come into play here - we don't want to repeat the PHP mistake with the eternal eval. What is urgently necessary for this would be a clean sandbox for such modules. Unfortunately, there is a massive hole in the implementation right there in Python. There were bytecode hacks in the past, which were also revived - but these are just hacks. The method of building a pseudo-sandbox using restricted imports and proxy objects, as Zope does, is also not the be-all and end-all.

Perl offers a very clean method here - as is usual for all security features in Perl, this is of course used by almost no project - to regulate down to the smallest detail what the code in such a sandbox is allowed to do - and thus a configuration via Perl module is definitely better secured than in languages without such a concept.

Java itself, of course, has a pretty sophisticated security management system - necessarily, as it is also supposed to run in browsers with very restricted rights. This security model is also usable for applications and could be used, for example, for servlets or Java configs - especially since you can also easily translate files at runtime and load them dynamically with Java. Now explain to me why the Java people are so fixated on XML when they have the best foundations for secure living data ...

We will ignore the safe model of PHP here, because it is a soda-or-seltzer model - either every code runs under safemode, or none at all. What we would need is a selective activation of different security classes for a single code block or module import (ok, PHP also doesn't have module imports, only includes - I say, we just ignore it).

So far, you can only work with living configurations in Python if you are sure that the configurations are only edited by users without malicious intent. Django, for example, only uses living configurations - it would therefore be a pretty stupid idea to make the configuration files editable via the web for centrally hosted applications.

We urgently need a clean sandbox for Python. I even believe that this would be a more important subproject than the various syntactic extensions that are repeatedly addressed.

wxWindows now also for Common Lisp

wxCL provides Common Lisp libraries for using the brilliant wxWindows GUI library. Very nice - I have already appreciated wxWindows in its Python incarnation, and in Scheme (via DrScheme) it is also very helpful. Now Common Lispers can use it too. I know that in Common Lisp, of course, CLIM (today often in the form of McCLIM) is the toolkit of choice, especially since it is much more powerful than wxWindows. But still, it's nice to have a cross-platform GUI library, especially because it is available for more than one programming language.

the strange tendency of PHP programmers to eval

Vulnerabilities in PHP modules endanger (once again) numerous web applications - and once again it's XML-RPC. They are still using eval - and that's for evaluating tags. Seriously? Sorry, folks, but this is just ridiculous - eval has already blown up in your face, why weren't all those calls removed back then? Or at least properly secured?

And people wonder why I don't have much faith in PHP software ...

Lazy Posts in WordPress

The new Wordpress 1.5.2 should finally fix the slow posting - caused by pinging - by moving the pinging to the shutdown, i.e. after the actual request-response chain. In German: with 1.5.2, pinging should no longer cause an eternal wait on the browser. It would be very nice if that actually works.

Since there are also security fixes included, an upgrade is generally sensible. Although WordPress, for a PHP application, functions surprisingly stably - but still, there are undoubtedly one or two skeletons in the closet.

Update: well, it hasn't really gotten faster when posting ...

Seashore

Seashore is an image editor for OS X based on GIMP libraries and formats. It already looks quite nice, even though it currently has almost no features (especially the filters are missing). But maybe something like this will one day become a native OS X GIMP ...

Turn off spotlight on removable drive

sudo mdutil -i off -E /Volumes/VOLNAME/ should disable Spotlight on a volume and discard the index. Hopefully - it's annoying when my backup drives are supposed to be indexed every time. Or when the found applications appear in the Open With lists, even if the drive is not connected at all ...

trac - Easy Software Project Management

trac is a web interface for Subversion repositories. However, it is not just the appropriate web interface - it also includes a wiki, a bug tracking system, a milestone management, and very comfortably created reports based on the bug tracking. And all of this in a very easy-to-install package - on Debian, an apt-get install trac is sufficient and then with trac-admin initenv a Trac instance can be created. It also looks quite appealing and the functions are very well integrated - links from the tickets to the wiki or links from changeset descriptions to the wiki or the bug tracking are easy to make and of course help enormously in managing software changes. Additionally, there is a nice timeline that documents and links changes to the system over time - among other things, also to a very comfortable changeset browser.

I have now thrown away all the handmade stuff for TooFpy and switched to trac. Just the possibility of assigning my ToDo list, which was previously managed in the source tree, to planned releases via tickets brings a lot of overview to the project.

Yep, anyone who has to manage a software project should definitely take a look at trac, because anyone who is not necessarily a control fetishist will certainly be happier with the rather open structure of trac than with some overengineered parts.

kenosis

kenosis is a Python library for a simple P2P protocol that is based on XMLRPC. Simple and straightforward, but without any form of encryption - should therefore be used over externally encrypted or otherwise secured channels.

Nitro

Nitro is a web framework for Ruby. Clearly positioned as a competitor to Rails, it addresses some of Rails' weaknesses - for example, the rather meager Object-Relation-Mappers in Rails via ActiveRecords. Nitro uses Og instead. Otherwise, the features are significantly more developed - more code, less hype.

RBL Operator Again

After I already wrote about it in April, it's now also in the Heise Ticker: RFC-ignorant: All .de domains under suspicion of spam. The ignoramuses of RFC-Ignorant will certainly not change their minds, but perhaps now the one or other provider will remove this absurd block list from the mail configuration.

awstats.pl

Fuck, I'm slowly getting really annoyed by awstats.pl. I'm already considering switching back to webalizer, which only produces stupid static output. But it can also do less.

Privacy Update under OS X

In IRC, identd, and Privacy I complained that proxies with SOCKS support were rather thin on the ground - meanwhile, things have improved significantly. Because X-Chat Aqua is now in a state that can be described as very usable - after many years of using Snak, I have actually switched.

X-Chat Aqua supports SOCKS and thus allows direct use of tor. However, this is not SOCKS4A - therefore, DNS resolutions are still visible. Ideally, you simply enter the server's IP address, so no name resolution needs to occur.

With Jabber, things now look very good with PSI - PSI is very usable under OS X and the display problems of older versions have also been fixed. And PSI also works with tor.

Browsing over tor was already possible before, but with the current Mac OS X Builds of tor, it is also very easy to install. Tip: I created my own network configuration, with which I can easily change the proxy settings. With this, I can then simply turn Privoxy+Tor on and off in the Apple menu as needed. Of course, this only works with browsers that get their proxy settings from the system settings.

Using ssh over tor is easily done with the ProxyCommand stuff. Instructions are in the Torify HowTo. Many of the tips mentioned there also work under OS X, as there is a normal Unix underneath.

On the Bavaria Fuss

Nothing comes to mind other than a hearty: Keep it up, Mr. Stoiber! - it's true, the Left Party couldn't wish for a better election helper than the raging dwarf from the backwoods. Okay, his outbursts lack a certain degree of appropriateness - it's quite annoying when people in Bavaria are supposedly so terribly smart, but the head of state once again doesn't understand what democracy means. Well, whatever happens, Mr. Stoiber, one thing is certain: we will not be governed by Bavaria. And the way you are currently dismantling Mrs. Merkel, suddenly everything is possible again for the SPD. Thanks to you and your colleague Schönbohm, who with their absurd statements have probably mobilized more East German voters than Gysi and Lafontaine together ...

Mac OS X Intel hacked to run on standard PCs

It's quite bitter when OS X Intel is already hacked before it's actually available:

MacBidouille reports that the Apple Developer kit version of Mac OS X x86, released to developers in early June, has been "hacked" to work with a PC notebook. The report includes a video showing Mac OS X x86 booting natively on a Pentium M 735-based notebook.

And this despite TPM and similar tricks. Maybe Apple should switch back to PowerPC after all, which is not more secure, but at least there's no alternative hardware at bargain prices like with Intel.

RIP last.fm

In das Netzbuch: last.fm verhärmt sich selbst Ralf describes how last.fm is leaving reality. I will also have to say goodbye to my earlier recommendation - there are already enough proprietary streaming clients, we don't need another one - especially not if it doesn't even work properly. Too bad - it was a nice way to discover new and interesting music. But not like this.

SCO-Patent-Fallout?

Speculation is rife that a lawsuit by an eFax company against competitors for using Asterisk could be related to SCO and all the nonsense surrounding it:

Now, Groklaw is speculating about the extent to which the move could be a general patent attack on free software. The reason for this is a close connection between the SCO Group and j2. Among the supporters of the software company, which has been in a heated dispute over intellectual property in Linux components, particularly with IBM, for a long time, is the investment firm Krevlin Advisors. It is also a major shareholder in j2.

But even if there's nothing to the rumors, the whole thing will certainly be idiotic and annoying again - and yet another proof that software patents and business method patents are utter nonsense. In any case, Asterisk (essentially a telephone system implemented in software) could soon become another battleground - if only because it may appear as a threat to one or another manufacturer of smaller telephone systems. And the market for telephone systems is, after all, characterized by very strange sales strategies and even stranger contractual situations (not without reason, telephone system maintenance contracts are occasionally declared invalid for violating good morals).

XchatPython

XchatPython is a plugin for X-Chat that allows you to write extensions in Python.

Sooo cool!

BlackDog is a PowerPC computer with 64 MB of memory and a 512 MB flash disc in a mini case that you can plug into any PC with Windows or Linux via the USB port. The PowerPC processor then takes over the keyboard, mouse, and screen, and starts its Debian Linux, whose desktop you can then see on the PC.

The device runs solely on USB power and also has additional biometric access control via fingerprint. Wow. A nice little hacker kit for on the go, you just need to find a host computer.

And it is completely open and hackable in terms of architecture - there is even a hacking competition to develop interesting applications for it. Although I already know what I would put on it - all the necessary network tools. I think I need to motivate the boss at the company to take a closer look at what you can do with such a device. I haven't had such a strong desire to have something for a long time.

Information about the Canon EOS 5D has surfaced

The rumors about the Canon EOS 5D already sound quite interesting - a full-frame sensor camera for 3500 could certainly tempt me. The previous contenders in the full-frame sector were just outrageously expensive (yes, the 5D is too, but the utopia has come a bit closer).