A new array syntax has been proposed (for quite some time) for defining arrays in PHP. Currently, we use array() construct to create an array. Some examples could be: $myArray = array(1, 2, 3, 4, 5); $yourArray = array(1 => “one”, 2 => “two”, “three”); $herArray = array(1, 2, 3, array(4 => “four”, “five”)); The [...]
Read more →Yahoo! launched it browser based media player written in javascript. All you have to do is link the javascript code (located at http://mediaplayer.yahoo.com/js) in a web page having links to audio file(s) . Although it takes a while for the “player” to load completely, yet I am pretty okay with it (for now). Moreover, it’s [...]
Read more →It brings me immense pleasure to inform you that w3af (web application attack and audit framework) has been named the Best Application Scanner in BEST IT Security and Auditing Softwares 2007 list prepared by Security Database. I had mentioned in a few previous articles that I see immense potential in w3af. I must, however, also [...]
Read more →1. Life & Code (The title of this section is taken from Johnny’s blog of the same name, Life and Code. Although my implementation of the phrase isn’t in terms with Johnny’s, yet I could resist using it. ) Life: Three days ago I found that there are some strange entries in my local Apache [...]
Read more →Update: Kishor reports a flaw in the implementation of “private” videos feature on Orkut. Although I am at office and I haven’t checked it yet myself, I believe I can trust him, based on his posts at Slackers. Nice one Kishor. 1. YAWN [Yet Another Worm, Nanny] Orkut (Google’s MySpace and Facebook for Indian, Pakistan [...]
Read more →DEMO This post was due since the Bank of India hack incident, and was fueled by PDP’s Drive-by Java post, which is a very simple, yet a well thought of extension (sort of) to the Drive-by Download attack. This post is aimed to provide a clearer understanding of the Drive-by Download attack (via a demo). [...]
Read more →Update: I somehow managed to make a blunder. A part of slide no. 12 was taken from David Kierznowski’s (of GNUCitizen and Blogsecurity group) presentation for OWASP Belgium Conf. I missed out on mentioning David’s name is the credits. Apologies David. I’ve updated and re-uploaded it. Yesterday, I presented my first Webinar (Seminar on Web). [...]
Read more →I know, I know… the title sounds like a cheap promotion ad. As I mentioned in my previous entry that Giorgio has addressed our (mine and Gareth’s) request to block iframes using NoScript. I must, however, admit that I did not expect it to be this fast. NoScript 1.1.7.1 (SilverNight) is here. The changelog has [...]
Read more →Update: Aah. It’s not that there couldn’t have been any better news , but today’s News is that Ma1 has agreed to provide feature to block frames through NoScript from the next version (1.1.7). NoScripts Rocks. Oh and Yes! Ma1 Rocks too …;) I have been pretty busy since the last few weeks (and this [...]
Read more →I am not sure if anyone is aware of it or not, so kindly spare me if it’s not NEW in the sense I wish to convey. (Or may b, you didn’t discover it the way I did) For no particular reason, I visited the windows update page today (using IE7) and got this message: [...]
Read more →No Yahoo! hasn’t changed it’s name to Insane!. It’s just their behavior that has gone insane. If you’ve been a member of some online group for quite some time, chances are that the group is on Yahoo! Groups. Same with me. This story is concerned with my college batch online egroup. Yahoo! groups has a [...]
Read more →Update 1: I was unable to configure MySQL. Reason: It was installed in C:\(blah-blah) and , probably, do not have write rights in the directory. Installing it to D:\(bigBlah) solved the issue. Duh! Update 2: I see a fairly good traffic coming here searching for the same problem. So, in case you are in a hurry, [...]
Read more →Arpit had a joint post on the probable revealation of FSJ (Fake Steve Jobs), along with the info on Exif Data revealations of the Harry Potter book images. Anyways, the new news is that FSJ has been busted for real. It’s work of a New York Times reporter Brad Stone. The FSJ is Daniel Lyons, [...]
Read more →ZDNet Asia reports that Google Security team has discovered as “Dangerous Java Flaw that threaten’s Virtually Everything“. The interesting part of this news is that, apart from a few scary statements, it doesn’t inform you anything else. The Sun advisory page on this flaw, however, informs you about two flaws which are nothing but Buffer [...]
Read more →I hope you remember the young Indian security researchers Vipin Kumar (22) and Nitin Kumar (23), the TPM Boys [I guess, that's the way they call themselves. At least their blog confirms that. ]They presented a Paper “Vboot Kit: Compromising Windows Vista Security” at Blackhat Europe – 2007. The talk explained the (different) booting process [...]
Read more →Slashdot updated today that Billy Boy is no more the Richest man in the world. The position is, however, not official. The standard is Forbes list. Billy Boy has been surpassed by Carlos Slim, the Mexican Telecom tycoon. Bill’s current estimated wealth is $ 59.2 billion, while slims estimated wealth is $67.8 billion. Reasons: Two [...]
Read more →