Sanity Insanity and Moi

I will try not to be too much biased against Windows. But will like to point out what is wrong.

Hearing the news of the Demo/Preview/Debut of Windows 7 at D6 conference by Microsoft VP Julie Larson-Green, my first reaction was, Oh NO not again!!!

I had my concerns. Microsoft has been stealing the show with its sleeky looks and publicity. If there is somebody at the market that can sell a rickety old-bus just by repainting it, its Microsoft.

Though all the other OS-es has evolved with age, windows simply refuses to budge more or less. The system requirements just to run a basic version of their latest OS takes more than twice the power that is required to run the latest Open Source OS. The fact remains that will less overhead the Open Source counterpart gives the looks and the WOW-ness.

How far can they drive along by just adding the new features without correcting the basic problems.

XP came and by the time people got adjusted to the response time, reaction time and usability, Vista was born. Now why the hell do i have to go for double the configuration for a new OS. Then again i will be doing the same things but that is going to add another transition phase in my life. From my own personal experience, the very simple task of setting an IP which took 4-5 clicks in XP, took me 5-10min in Vista just to figure out how to get the Properties window. Though basic functionality of an OS that the user looks for needs to be kept the same across versions, Microsoft fails to comply.

If the new version is going to be more user friendly than its previous one, why do you still need to pack the age old Win-98 looks with XP? They need to realize what the other OS-es in the market are doing different to keep things abreast with feature improvements, usability and performance.

At this point they just need to stop stuffing in features into an OS. It more or less looks like a huge american burger. A bite at one end will have half of the things falling out of the other end. By the time you get used to the new tasty burger in comes a new version double the size.

This was an interesting find on the net. Steven Levy in 1984 had a code of ethics for Hackers

The ethics goes as -

• Access to Computers - and anything which might teach you something about the way the world works - should be unlimited and total. Always yield to the Hands-On Imperative!
• All information should be free.
• Mistrust Authority - Promote Decentralization.
• Hackers should be judged by their hacking, not bogus criteria such as degrees, age, race, or position.
• You can create art and beauty on a computer.
• Computers can change your life for the better.

Interesting …

Creativity has no limits and the fact that people can go to any extend to infect you machine with malware, let me say comes as a total relief. After people has spend dollars securing their machine with the latest spyware remover, anti-virus, pop-up blocker and all the shit that you can get you hands on, there is no stopping a curious browser who downloads some thing and authorizes it to do some operation and ends ups in a deeper shit that he was before.

We all love torrent. The countless torrent files that you looked up on the net to download your favorite movie, would have at least made you thin, what you would have done with out those torrent sites. Its the same feeling you get when you thank George Bush for the oil that he is bringing in from Iraq and Kuwait.

So when some thought of the idea of infecting your machine with the help of torrent download and get paid $3 for doing so , has to be credited with the ingenuity of the idea. Here is the whole scenario.

You download a movie (most of the reports came up with the latest movies like Hitman, Beowuf, National Treasure : Book of Secrets) or an episode of your favorite series on TV. When you try to play it it says

“This video can only be played in DomPlayer, Visit Download.Domplayer.Com“

Like any other desperate downloader you visit their site :

Pretty neat site of a movie player, compared to VLC Player and Real Player. So you go and download the player, the Download button is right in front of you. So whats the big deal. Go ahead download the file… At this point i got suspicious and thought hey i never heard any of my friends talk about such a player, instead of installing it at the home PC (Windows XP), let me try to get an installer/player for Linux. That way its safe and its my Laptop, if anything gets screwd up i can just install all over again. Big Deal!!!

Web searches got me to couple of forums here and here. They talked about another player 3wPlayer by Wildman Productions(i have no idea who the hell they are).

In fact the real deal here is as reported from Best Security Tips is DOM Player says its clean but you call them up and pay them to activate the attack on your P. If that doesnt work they ask you to download 3wPlayer. Which is another piece of shit and load the malware to the PC free of charge.

Now that is a cool idea. You get paid to get infected like the way you paid to get protected. Over that you download movie files (AVI files) which might be renamed porno movies.

IF any one using Fedora with vsftpd service for FTP might have come across the issue while connecting via FTP

500 OOPS: cannot change directory:/home/xxxx

Login failed.

Then here is the solution. The problem is with SELinux. Go to System > Administration > SELinux Administration. Left side - Select : Boolean. On right side - FTP, check the box that says - Allow ftp to read/write files in the users home directory.

DONE!!! Close SELinux…

Security is still a big issue in India. Since there are terrorists ready to blow up anything here, we must be aware of the fact that we are vulnerable and take all means in avoiding it. Of lately when the security measures in my company was stepped up, many employees expressed dissatisfaction and where highly irritated. Sadly they dont realize the threat. They all complained that the Security at the main gates and buildings scrutinized their belongings and treated them equally like terrorists. To a mail sent by my colleague to the Security in charge, part of the reply went like this

… We (the security and the company) are not bothered about what the employee takes unauthorized from the company(hardware and documents). But more worried about the a much more grave situation… The attack at IISc Bangalore was first planned against IT companies as they (Terrorists) realize that a well planned strike at the heart of the Silicon Valley of India, will send India’s market crashing and the country will be in a chaos in no time. Sadly our company was also in their list. They were outside our gates, looking at every move and they found the security tight even for a normal employee. Thus we were spared. Else the AKs would have gone in any of the leading IT company…

A normal Techie, works from 8-to-8 and is completely oblivious to much of the things shaping up in the outside world, spare may be Bipasha’s curves or SRK’s Abs. He doesnt realize that the Bad Guys have really turned ugly and they are recruiting Graduates and Post Grads, like most IT companies, to do the dirty job (both ways its true for the Terror Organization and IT Company). I was surprised one Monday morning when i was asked to stop at the gates and the security guy checked my ID to verify its me. After 2 years, that day i entered the campus a bit happy, coz i found the Security doing their job properly.

Sadly, the fact is, the Security at majority of the IT Companies are a bit inadequate. They in most of the cases doesn’t realize the force they are up against. Everyday i see the security at all the companies on my way to office and i bet i can breach their physical security. I dont know why i do that. But i like doing it. Every time i face a security at a gate, i think of a way of beating him without raising the slightest suspicion.

Leave alone the physical security, its the Cyber age and are we prepared against an attack via the net. No!!! Network security, if you look at most of the intranets, is getting internally compromised by the employees. Simply coz a fair number of people will click the “You won a million dollars“, flashing ad on a web page. In most of the case, that will lead to a pornographic site, at times they open up the pandora’s box for the network of the company. E-mails in particular can bring a network down. A well placed attachment asking the user to open it is more than required. Remember “I love you” or you dont coz you remember it as what your lover told you.

I have had friends approach me saying “I think my damn system is affected with virus. I have the latest in anti-virus updated everyday, the latest pop-up blocker (how did that ever block a virus), a bazooka and an entire army guarding my system… but still. Damn windows … its all because of Windows.” Let me tell you there is nothing wrong with Windows (may be not entirely and probably this will be the only time i’ll be talking for Windows and Microsoft), what is wrong is YOU. Couldn’t resist visiting the site that flashed “Sexy savvy teens… going dirty…”, or couldnt resist opening the attachment that told you how to increase what ever you have or may be had. Think before what you click on or open. They are out there to make money and they will make it any way possible.

Knowing all this what can you do … if u cant make that out by your self, then how lame are you???

“How lame are you???”, the words that lead the world’s biggest Hacker Kevin Mitnik to his fall.

Firefox 2.0 had problems with memory usage and now with the current 2.0.0.4 version, i have no problem what so ever with the browser.

But what has been an advantage of Firefox over IE, has been the plugin database. What every you need its there. There is the Firefox Recommended Add-ons, which just takes 10 min to just install completely. There are in total 25 recommended add-ons, of that for any user these are a must :

1. Wizz RSS News Reader
2. BlogRovr
3. PDF Download
4. ScribeFire (previously Performancing for Firefox)
5. FoxyTunes
6. StumbleUpon
7. Download Statusbar

I have the add-ons like Greasemonkey and Web Developer also installed, but they dont really matter unless you are into web development and programming. So among the recommended list this is for any one who does a decent amount of browsing.

But thats not it, there are much more cool plugins that will be of much interest for any one.

Bookmark Duplicate Detector : as the name says it all. Detects Duplicate Bookmarks when bookmarks are added and specify where is the previous URL. You can also search and delete duplicates URL already in your Bookmarks.

ColorfulTabs : This i feel is essential as its adds some much needed appeal… Try it!!! trust me you will love it.

Fasterfox 2.0.0 : Performance and network tweaks for Firefox. It stays down at the status bar and shows how much time it took for a page to load too.

Firefox Extension Backup Extension (FEBE) : Take a backup of all the extensions that you use to restore after a system crash or make xpi files to sync your office and home browsers.

FireFTP : an FTP client for your browser. This proved very useful while i was building my project site in uploading files on to the server. Very useful and i recommend this.

Link Alert : Imagine someone alerting you on what you are about to click before clicking a link, like is it and exe, a web-page or a doc.

MeasureIt : Imagine an on-screen rule, transparent and simple to use which accurately shows the measure in pixels. Recommended for page designers.

Password Exporter : Firefox can save all the passwords for you, keep a master password to activate that and all your logins will be taken care of. But what if you need to take all the passwords from your office system to home. Forget writing it down, this is the add-on that i recommend.

ScrapBook : This will make u forget saving pages by File>Save. U can highlight sentences, add notes, remove undesirable parts like ads etc and keep just the content.

Server Spy : Server Spy indicates what brand of HTTP server (eg. Apache, IIS, etc.) runs on the visited sites.

Stealther : If there are times you want to surf the web without leaving a trace in your local computer, then this is the right extension for you.

Usage Counter : Tells you how much time you spend in using Firefox and browsing sites.

VideoDownloader : Download videos from Youtube, Google, Metacafe, iFilm, Dailymotion, Pornotube…

WellRounded : Adds a nice ‘finishing touch’ to Firefox by providing aesthetically pleasing, rounded edges to the location bar, search bar, find bar, and all manor of other toolbars on your browser…

Safari has the feature of showing page load progress in the address bar, but if you’re going to use that Feature along with WellRounded it might not be looking that good.. Well add-on for that is Fission.

Phew… that kind of winds that up. I’m quite sure there are more interesting plugins too. As i’m born lazy i stop with this list.

There is this program called Tempest of Eliza. It helps you to listen your mp3 via radio. How it works is simply amazing. Back when i was in college me and my friend tried this and when i ran the program he was able to listen to the song from a radio in his room.

The principle behind this is called Van Eck Phreaking.

Information that drives the video display takes the form of high frequency electrical signals. These oscillating electric currents create electromagnetic radiation in the RF range. These radio emissions are correlated to the video image being displayed, so in theory they can be used to recover the displayed image.

This when i tried, was for CRT monitor. This now holds good for LCD screens too(its the kind of screens on a laptop). The latest research which was revealed in April 2007 confirms that it can be even done for LCD monitors too. The equipment well under $2000.

With a flat panel display the aim is to tune into the radio emissions produced by the cables sending a signal to the monitor. The on-screen image is fed through the cable one pixel at a time. Because they come through in order you just have to stack them up. And Markus Kuhn has worked out how to decode the colour of each pixel from its particular wave form

[New Scientist : Seeing Through Walls]

The major advantage of this technology being used is that you no longer need to be on the same network or compromise on any aspect to access information or to do a hack. Just sit and record what ever is appearing on the screen, by sitting a few 100meters away and your work is done.

Well apart from the huge security issues arising here, imagine these technologies reaching homes. You no longer can watch porn movies in your bed room … ahhhhrgggg nooooooooooooooooo

Related Reading : New Scientist : Monitor’s flicker reveals data on screen

Title Courtesy : [New Scientist : Seeing Through Walls]

Stumbled on this info at :HackInTheBox:Laptops and Flat Panels now vulnerable to Van Eck Methods

Some good VISTA news …

Cracking Windows Vista Beta 2 Local Passwords (SAM and SYSKEY)

I’m not a windows fan so cant comment about this any further. Left up to anyone who can try and see these.

Again its Linux being used by the GEEK …
J’adore…

This sure did make me smile. “Hacker Safe”…

Assured Guarantee from Sony, for SoundForge 8

Before going further, this compilation has nothing to do with any non-technical information. So if u r not interested in any technical news, you better shouldn’t be here.

Astalavista Group - This was where I started my search for tech data. Basically the links and the news given my this site has glued me on to my system. This site has the best ‘Recommended Links’, section I have seen.

Blacklisted 411 - The oldest and still active hacker site. Who said hacking is only done with/for a computer… ask these guys.

Dark Reading and Light Reading - A recent addition to my list. Sort of an online security news page. Has a range of contents to browse through. One of the best whitepaper section I have come across.

SlashDot - Their punch line says it all, ‘News for Nerds, Stuff that matters‘.

F*the.Net and Ha.ckers - Humor and Technical data can go hand in hand. A Hacker Site.

nixCraft - Something for Linux starters. Will make u say - “Hey i was looking for that!!!”.

LinuxQuestions.org - Linux questions/doubt, shoot it here …

Geek 24 - Funny Geeks place / Bond Gadgets / Blow-it-up yourself articles

Happy surfing …