Month: February 2007

Posted on

Vista!!! (3 Exclamations.) is here? (Why :-/)

I don’t intend to post any review of the vista.
There are some neatly written essays on the topics by experts, like this one.
I was going through the article and stumbled on this page, which has the picture given below.

Vista Malware

What happened was due merely due to fast glance and my mouse cursor covering a part of the word; the hardware appeared to me as malware, making it Is it time to upgrade your malware?

Now that’s wrong on my part to ridicule someone because of my own mistake… but honestly. Is there any difference?

UPDATE:
Very very honestly. I had read only the first two pages the security focus review before writing the above lines. However, the third page contains the following para:

So, one craplet pops up demanding to be enabled; you exit that, and a different one pops up telling you that you really ought not to have done that. Now, my definition of malware is pretty straightforward: malware is any code that causes my computer to behave in a way I don’t intend, or any code that prevents my computer from behaving in a way that I do intend. Thus the Vista Security Centre is, quite simply, malware.

Wohoooo!
I am a genius.

Posted on

Samy: A hero or a villian!

First thing first. I hate these sites meant for so called “socializing”.
Sites like: Orkut, MySpace, etc. Ditto with games like SecondLife.
Heck Man.
Just get out of these places and get a life…. [Be more like Swen, the GBCD ;)]

Anyways. There is this guy who created a, so called, WORM for MySpace.
It was a beautifully written piece of code… all in javascript. What this worm did was, it added Samy as a hero in the profile of every person who visited Samy’s profile.
And that’s not all, it also added Samy as a hero to the visitors who visited ANY affected profile.
He gives a beautiful (and “for-dummies”) writeup:
Story in his own words
Technical details

It created a havoc. Lakhs of profiles were infected in a few hours. MySpace had to take down the site to “repair” it.
The code is so beautifully crafted that it made me smile.

Now, was this wrong?
To a certain extent, YES.

Was it a punishable crime?
mmm… Depends on the extent and type of punishment. [If my views matter… well it’s my blog, so it matters 😉 ]

The recent news is that Samy has been sentenced for three years of probation and 90 hours of community service. He cannot have access to internet during this period. [Though I am not able to understand what it means. He’ll anyways be using ATM etc.] However, this kind of “punishment” doesn’t make a sense to me.

If we really have to punish the “culprits”, why not punish MySpace too?
Why shouldn’t MySpace take the responsibility of the privacy of it’s users?
Why was MySpace stupid to allow DIV tags?
Why shouldn’t iexplorer and safari be sentenced for allowing javascript inside CSS?

These are questions that cannot be answered because the world belongs to the BIG-BAD-BOYS.
What this boy did not really harm anyone. He could have modified the code to steal private information, (the way your gmail book can be stolen).
Moreover, he published the code after MySpace had fixed the problem.
……. and yet he has been SENTENCED.

I am reminded of an incident that Lalit told me about.
There was this guy who informed the site administrator about some loophole in his site and was jailed.

“… but why?”
“Because you are not supposed to peek inside my house, even if the door is open.”
“… and what if I am one of those who have signed up to stay in your house? Isn’t my privacy your responsibility? Shouldn’t I be allowed to check the locks and doors?”
“No. I am a freaking BIG-BAD-BOY. You’ve no right to mess with me. If you even dare, be prepared to be jailed.”

Well…. That makes sense now.
So next time you find a loophole either sit silently or sell it.
That’s all I can conclude.