Code in my Bug!

August 11, 2007May 3, 2008

Yahoo! gone Insane!

No Yahoo! hasn’t changed it’s name to Insane!. It’s just their behavior that has gone insane.

If you’ve been a member of some online group for quite some time, chances are that the group is on Yahoo! Groups. Same with me. This story is concerned with my college batch online egroup. Yahoo! groups has a very useful feature which let’s you specify ANY email address for your mails to be delivered (and receive mails from, obviously). I had configured it to my company mail id.

Now like a lot of people, I have two Yahoo! ids, NB and AS. The group is configured with NB. Today, I decided to change it to one of my other Yahoo! id AS, mostly because I use it as the primary id.

….but it won’t get changed. The error

Your email address “[email protected]” is in an invalid format.
Invalid Email Address.Your Email address of [email protected] belongs to yahoo.co.in which is restricted from use in Yahoo! registrations. Please choose a different email address.

I thought, they might be allowing only “yahoo.com” addresses. So I changed my input to “[email protected], hoping for an error message that the specified email address doesn’t exist… but what I get is:

Invalid Email Address.Your Email address of [email protected] belongs to yahoo.com which is restricted from use in Yahoo! registrations. Please choose a different email address.

Now WHAT IN THE HELL are the Yahoo! developers thinking? They don’t think that it’ll stop people from creating more than one id… or do they?

August 8, 2007

Apache Headache: “no listening sockets available”

Update 1: I was unable to configure MySQL. Reason: It was installed in C:\(blah-blah) and , probably, do not have write rights in the directory. Installing it to D:\(bigBlah) solved the issue. Duh!

Update 2: I see a fairly good traffic coming here searching for the same problem. So, in case you are in a hurry, this is mostly a summary to inform you that in all probability, YOU HAVE SOME SERVICE RUNNING ON PORT 80. Check out using TCPView (if you are on windows). Hope that helps. 🙂

I am currently working on an official XSS (Cross Site Scripting) presentation. I needed some screenshots of alert boxes and defaced site. So I installed Apache, configured it to work with PHP. (If you need help in installing and configuring MySQL, Apache and PHP, look here).

But this was day before yesterday. Yesterday, I needed to make a quick manipulation to the script, but… Apache won’t start. The error I was getting (using eventvwr) was:

>>> (OS 10048)Only one usage of each socket address (protocol/network address/port) is normally permitted. : make_sock: could not bind to address 0.0.0.0:80 .

It’s pretty apparent that some other jerk was sitting and listening at port 80. Yesterday, however, was too hectic to discover the rat. Today, I ran TCPView (thanks to Shruthi for suggesting) to discover that inetinfo.exe was the ra**al. TCPView is one of the nicest tools created by the guys at SysInternals, which was later acquired by Microsoft. Rats!

Anyways, the fun part was stopping the service. I couldn’t kill it. Neither using TCPView, nor Task Manager. It would again span back to life 🙂

So, finally I opened services.msc to stop the IIS server and change the automatic start mode to manual mode. Heck! I should have disabled… or even better, deleted the scoundrel. 😀

So, if you have the same problem, you are in all probability in office right now and hence may not be aware what services are running. Use TCPView to discover all those unnecessary network services. It’s a great tool. Further, you might also want to switch some stupid services from automatic start mode to manual (or disable :P). Use Services.msc.

August 6, 2007

Fake Steve Jobs Revealed

Arpit had a joint post on the probable revealation of FSJ (Fake Steve Jobs), along with the info on Exif Data revealations of the Harry Potter book images.

Anyways, the new news is that FSJ has been busted for real. It’s work of a New York Times reporter Brad Stone. The FSJ is Daniel Lyons, a senior editor at Forbes Magazine.

Although Daniel says that he’s surprised that it took so long for people to reveal his real identity, yet it doesn’t really seem that he’s happy about it… or even okay. He looks pretty upset with Brad though 🙂

Link: http://fakesteve.blogspot.com/2007/08/damn-i-am-so-busted-yo.html

July 14, 2007May 7, 2008

Java vulnerable to remote compromise

ZDNet Asia reports that Google Security team has discovered as “Dangerous Java Flaw that threaten’s Virtually Everything“. The interesting part of this news is that, apart from a few scary statements, it doesn’t inform you anything else.

The Sun advisory page on this flaw, however, informs you about two flaws which are nothing but Buffer Overflows. Do not mistake me that I am undermining the impact of Buffer Overflow Attacks in any way. It’s just the ZD Net article’s title which’s bugging me. It makes the flaw look like an out of world ET attack scenario.

A buffer overflow vulnerability in the image parsing code in the Java Runtime Environment may allow an untrusted applet or application to elevate its privileges. For example, an applet may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted applet.
A second vulnerability may allow an untrusted applet or application to cause the Java Virtual Machine to hang.

Now firstly, Buffer Overflows are no new form of attacks. They have been here since the existence of man (I admit that’s a little much :D), and they are here to stay. Thus, articles like this are more like FUD, IMHO.
Secondly, applet support is very limited in mobile devices. Not to mention that J2ME supports only PNG format. Thus, not “virtually everything” is everything.
Finally, image parsing library in Sun’s Java implementation is through a native library. It’s time that Sun writes a Java equivalent for it to avoid other similar issues. Further, since Java is now GPL, I also hope to see the code coming from some random, pimply, introvert teenage kid. 🙂

The problems can be resolved by updating the packages. Detailed info provided on the Sun’s advisory.

July 5, 2007May 7, 2008

TPM Boys withdraw paper from BlackHat USA

I hope you remember the young Indian security researchers Vipin Kumar (22) and Nitin Kumar (23), the TPM Boys [I guess, that’s the way they call themselves. At least their blog confirms that. 🙂 ]They presented a Paper “Vboot Kit: Compromising Windows Vista Security” at Blackhat Europe – 2007.

The talk explained the (different) booting process of Windows Vista. It also introduced the concept of manipulating an OS during its boot process using VBootkit. Finally, they gave a live demo of VBootkit in action (on Vista).

This event was Slashdotted. VBootkit was also blogged by Bruce Schneier. Here is an interview of the “boys” at SecurityFocus by Federico Biancuzzi. In their own words, “Vbootkit is much like a door or a shortcut to access vista’s kernel……. since vbootkit becomes part of the kernel, it can do anything that Vista’s kernel can do.”

This all, however, is a news of past. The current news stirred more vigour and controversy. They had yet another paper “TPMkit: Breaking the Legend of Trusted Computing (TC [TPM]) and Vista (BitLocker)” scheduled to be presented at Blackhat USA – 2007. They withdrew there paper last week without any comments. This news was Slashdotted and resulted in a (typical) slashdotian variety of comments. Some even doubted if they really had any success in their research. Well, you cannot really blame them. That’s the fussy nature of our FOSS communities… errr… wait. Before you bash me, I’d like to remind you that it’s not (only) me who says that. It was originally cited by Mark Shuttleworth. An amazing number of people opposed Mark by creating a lot of Fuss. 😉

Coming back to the story. A user, by the handle PoliTech, commented on Slashdot and reminded the Michael Lynn’s paper at Blackhat about his research on Cisco Routers. Cisco and ISS sued Lynn and the management of Black Hat conference. It’s worth noting that Lynn was an ISS employee. 🙂

It should be also be noted that Vipin and Nitin’s previous presentation was in Amsterdam, Europe. This presentation, however, was scheduled in US… and the (stupid) US laws can screw things up. Based on Lynn’s case, it is quite apparent that Vipin and Nitin didn’t wish to get caught in any such undesirable situation.

I hope to see them present the paper at some other conference (or location) pretty soon. Best of luck guys.

OffTopic: Coincidentally, my younger brother’s name is Nitin. 🙂

July 4, 2007

Bill Gates no more The Richest

Slashdot updated today that Billy Boy is no more the Richest man in the world. The position is, however, not official. The standard is Forbes list.

Billy Boy has been surpassed by Carlos Slim, the Mexican Telecom tycoon. Bill’s current estimated wealth is $ 59.2 billion, while slims estimated wealth is $67.8 billion.

Reasons:
Two of the most obvious reasons are:

A surge of 27% in the stock price of Slim’s wireless company, America Movil, in the second quarter
Bill reduced his net wealth by more than $30 billion, which he put in the Bill and Melinda Gates Foundation. 🙂

What Next?
Nothing really. To a question asked to him at the Microsoft conference last year, whether he’d be upset if someday he wasn’t the richest creature ;), he responded, “”I wish I wasn’t. “There’s nothing good that comes out of that.”
Moreover, he’d be retiring in a year’s time and would be dedicating he’s time, energy, and money to the Bill & Melinda Gates Foundation. I wish him luck. 🙂

July 3, 2007May 7, 2008

Month of Search Engine Bugs: “Mission Accomplished”

The Month of Search Engine Bugs by MustLive has come to an end.

MutLive reports:

In the project took part 33 search engines (30 web engines and 3 local engines) of 19 vendors, some vendors have several engines. The list of project’s participants (in order of appearance): Meta, Yahoo, HotBot, Gigablast, MSN, Clusty, Yandex, Yandex.Server (local engine), Search Europe, Rambler, Ask.com, Ezilon, AltaVista, AltaVista local (local engine), MetaCrawler, Mamma, Google, Google Custom Search Engine (local engine), My Way, Lycos, Aport, Netscape Search, WebCrawler, Dogpile, AOL Search, My Search, My Web Search, LookSmart, DMOZ (Open Directory Project), InfoSpace, Euroseek, Kelkoo, Excite.

Altogether there were published 104 vulnerabilities in mentioned engines. Including Cross-Site Scripting (as XSS, and as HTML Injection), Full path disclosure, Content Spoofing and Information disclosure vulnerabilities. It is without taking into account redirectors in search engines (altogether there were published 23 redirectors).

Results of the projects: fixed 44 vulnerabilities from 104 (without taking into account redirectors). It is 42,31% fixed vulnerabilities. Owners of search engines have a place for improvements of their engines’ security.

Over a period of 30 days, 104 and vulnerabilities/bugs were discovered out of which only 44 have been fixed. Out of these 19 vendors, only two (Rambler and Ezilon) have thanked him for his commendable hardwork.

Several researchers, including Jeremiah, RSnake, Christ1an etc. blogged about it. Considering the complexities involved in the fixing a bug, they agree at some point that 44 is still a good number. However, there is one Big “Cheer” Leader which isn’t fixing the bugs. No points for guessing that the Leader believes in “not doing evil things”.

June 19, 2007

Bill Gates wins me!

I realized that the title of this post has a contrast with my previous post, only after I wrote the topic. Thus, I feel that it is obligatory to mention that I am still Anti-M$. I still do not support there business model. Phew!
…and yes. The contrast in the names is just a mere coincidence. I know it’s tough to believe, but then I don’t lie.

Now coming to the topic.
I have always appreciated the way Bill Gates (and, of course, his wife) has spent time and money on Melinda Foundation. I remember posting my views a few days ago on Arpit’s blog.

A few minutes ago, I read Bill Gates speech transcript that he delivered at Harvard.
He starts the speech on a light note and calls himself a “bad influence” by reminding that he made Steve Ballmer drop out of B-School (Oh! How I wish that Gates had failed in convincing Ballmer 😉 ).
He continues his speech by talking about how ignorant he was about the socio-economic and health problems of the developing nations, when he joined Harvard (and even later.)
The thing that blew me was that for the most part of his speech, he talked about how technology can and should be used for the help of these people.

I won’t mention the details. I’d pursue you to read it. I hate to say, but Bill seems to be a bright candidate for my future plans (after he drops out of M$, of course).

June 17, 2007

Google Lost Me!

It’s strange writing something like this using a service that’s owned by Google. 🙂
But it was long overdue.

There was a time when I used address Google as “Google God” :).
Used to believe a lot that they religiously follow their “Do no Evil” motto. I forgot that as companies grow, there are bound to be employs who are evil by nature.
It reminds me of my Pre-Placement Training during college days when I was “tutored” that, Honesty is not a strength. You are supposed to be honest” This obviously isn’t true when people take the excuse of “everybody-is-doing-it-so-why-not-me”.
And lets face it.
Money matters!

Anyways, coming back to the topic; I mentioned in one my previous blogs when my Google AdSense account was disabled because of my own mistakes. I took the responsibility and had no complaints. However, when my AdSense account was disabled for the second time, I made a thorough study of their privacy policies. That’s when I came to know about their two-faces.
They allow several sites to utilize their services even when they falter with the terms and conditions. One thing common among all these sites was, “they all are High Traffic sites”.

As I mentioned, a post on the topic was long overdue. I stopped myself with one or other reason. The latest development, however, made me talk about it.
According to Privacy International’s latest report on Top 23 Internet Companies, Google held the last spot (even below M$). This topic, as Privacy International itself admits, is controversial. It’s report however, is substantially supported.
You might want to have a look at the post on the same topic on RSnake’s blog. Do not miss out on the comments.

Footnote: This post is not an outlet to my anguish. I (mistakenly) had more faith in Google than most of you. Another post on innovativeness of Google technologies is due.
And BTW, I do not mean to say that Google has turned evil. I believe as the company has grown, the motto has changed to “Do no Evil. If there is any, close your eyes“.

June 4, 2007

Dreams… and (huh!) Reality.

Disclaimer: The post may give you a notion that the author has surpassed all the heights of patheticism; which actually is sort of true 😀

Have I ever posted that I am a *crazy* person?
Probably a number of times.
This post is another proof; which I am shamelessly sharing with a hope that my *unconscious* realizes the heights of pathetic-ism it has reached. I refer to my Unconscious mind because *the proof* is related to some of my dreams.

To build the foundation, let me take you back to my school days- class 10th.
That was when I was introduced to programming for the first time. Language was BASIC.
Might I boast that I was good.
I remember to be the fastest coder around and to have coded sound and graphics programs in BASIC. That was the time when I wrote my first (and the only game).
Where did I get the inspiration from?
A dream.
No kidding. I saw the algorithm in a dream 🙁

Scene 2:
I was kind of frustrated during my B.Tech. days when I wrote *factorial* and *Fibonacci* codes in C. The most frustrating event was when my teacher blamed me for *wasting* my time coding a Solar eclipse in C instead of what he asked for; a DDA algorithm. You can find the glimpses of those days here and here.
I do not deny the fact that I could have channelized my frustration and anger; something that I did a little later. I wasted my first 3 years.. (this, however, is not really relevant to this topic.)
During these B.Tech. days, I spent my first summer training (and consequently the second too) learning Java. I somehow fell in love with the language. (Off-Topic: If I don’t wish to be thrashed, I must mention that Raga helped me with most of my Java codes (and C codes, and C++ codes, and…) back then. It doesn’t mean that I was ignorant though 😉 )
There was a time during the training days when Abhu bhaiya tried waking me from sleep and I spoke something in sleep.
I was explaining Java concepts to him :((
…and if I am not wrong, Priyo (my roommate) too *lived* a similar experience.

Several other such events happened in past, which I don’t feel like mentioning. I’d rather speak about present.

Dream 1
A few days ago… no weeks ago, I saw a dream
I was coding a cross platform desktop applications in Qt4.

You know what’s weird about it?
The fact that I had just *heard* of Qt4 and knew that it was somehow related to KDE. (I am more of a GNOME guy)
That’s it.
Nothing less, nothing more.

I scribbled about the dream on my mini-diary, that I use as a portable “To-Do list”, and forgot about it.
A few minutes ago, I stumbled across this link:
How To Create a Linux Desktop App In 14 Minutes For Beginners (Using QDevelop and Qt4)

Dream 2
A few days ago, I saw a dream that I am *purchasing* a book on Wireless Security.
It was priced somewhere between 390/- and 400/- (Don’t ask me how I remember the price)
Today I bought a book on Wireless hacking… :((
Don’t ask me either the price or why I bought it. The price’s is anyways not really the concern here.
I really wonder if these dreams are some sort of sign.

Dream 3
You CAN go crazy on the wilderness of my other dream, mentioned below. So you can discontinue the rest part of the article.

Still reading?
Okay! Read at your own risk.

I am appearing an exam.
The syllabus is…… Amir Khusro’s composition, “Chhap Tilak sab Chhini ray” 😀
I am wondering what sign does this dream carry :(( :(( :(( :((

You cannot even imagine how I feel after writing it here and realizing the fact that this post will not only be read by a number of random people but will also be indexed by bots.

Anyways, now the wish-list part.
If the dreams have to finally turn into reality (in one or other form); then why don’t I ever see something good… something romantic. 😀
Hey wait!
Does the reverse count? I mean other people seeing me in their dreams… 😀 [Huge-Grin]

Footnote: The author would like to apologize to all who have are experiencing anger and/or depression . He would also like to thank GOD for what he mentioned in the last line. 😀

May 26, 2007

An insight into Sun’s crazy strategy.

I have been reading a lot of discussion on Sun’s current market position/revenue versus their *mad* strategy. I have simultaneously been working on Java’s history for my book. I thought it might be interesting to post my views on the topic and see what others are thinking. To justify/criticize Sun’s current modus operandi, I will talk a little about their past strategies, and their respective outcomes.

The Past

Most of the people know James Gosling as the father of Java. Only a few know that he was also the lead engineer of Gosmacs (gmacs or Gosling Emacs) and NeWS. Now, I won’t be talking about Gosmacs (which according to some people is/was the reason of some conflict between RMS and Gosling. Phew!)
However, NeWS (Network extensible Window System) is of a little concern, mostly because it was arguably superior to X Window System… and because it FAILED. The most important reason for its failure (and X Window’s success) is that Sun kept it proprietary.
Later on when Sun developed Java, some people, especially the genius Eric Schmidt (then CTO-Sun, now CEO-Google), were aware that keeping Java within enclosed fences will lead to similar devastating results. Not to mention that *7 (for which Java was developed) had already failed and Java was still in search of a viable market.

So what did he do?
He focused on making it as open as possible and tried building a *Java Community*. (Google SoC, IMHO, is also a “win-the-community-and-you-win-everything-else” approach. But then that’s a different topic altogether. 😉 )

Where were we?
Yeah! So he focused on building a Java Community.
Apart from organizing developer conferences like JavaOne, Sun also encouraged user groups (JUGs), which reached over a number of 400 in year 2000 itself. In fact they went a step further with JCP (Java Community Process) to make the development of Java *as open as possible*.
The reality behind all this community building scene was the fact that the direct control remained with Sun (well mostly).

Everything, however, was running smooth; for Sun as well as the Java developers.

“I envy you. But such a thing is not meant to last.”

— Persephone, Matrix Reloaded

I guess the above statement is valid for every aspect of human existence.
In early 2004, Jonathan Schwartz, referenced Eric Steven Raymond’s “The Cathedral and the Bazaar” and compared JCP to the “Bazaar”, stating that development of Linux was more like a “Cathedral”. I would not expand on it but this was enough to infuriate ESR 🙂

ESR wrote an open letter addressed to Scott McNealy, CEO-Sun, with a subject line “Let Java Go”. He accused Sun on several fronts (for which I’d pursue you to read the letter) and appealed to Open Source Java. A few weeks later RMS wrote an essay on Java Trap and appealed the developers to contribute and use open source projects like GCJ/Gnu Classpath etc. Several other appeals/open letters were published (Apache’s Geir Magnusson Jr., IBM, etc.)

A series of events followed before Sun announced that it will be open sourcing Java. There main concern was Microsoft forking Java and hence, destroying its cross platform compatibility (which shows that they really were clueless on how Open source model works/ can work).
They had no other option than to Open Source the *giant*, and they did it.

The Present

The past unarguably affects, if not defines, the present. Sun’s experience since the NFS days to (forced) Open Sourcing Java days taught/reminded them of their most important lesson.
The Community is fruitful!
Build a community and everything else will follow, sooner or later.

So here they are.
Open sourcing EVERYTHING.
Building Community, and making it mutually encashable. It’s obviously not so profitable for them today, but the future holds immense potential.

The way they have been endorsing and promoting stuff is simply adorable. Even NetBeans has its own *arena*.
Not to mention the, so called, developer conferences organized all over the world in a distributed fashion to reach the most number of developers. I, however, have several concerns regarding them. You may read some of them at Amit’s blog. I hope Sun listens to the plea of developers and improves the quality of these summits.

Another amazing strategy, IMHO, is the blogs that Sun employees post regularly. I have subscribed some of them and it’s really amazing to see that how important role these blogs are playing in binding people. They often link each other’s (Sun Employees, of course) blogs. You can have a look at the Sun-Blogging homepage to get a feel of the number of hits the folks out there are getting. Now even if I read only one of these, I’d get to know about latest developments. I am not sure whether it’s a part of their strategy, but it’s definitely working as a powerful advertising medium.
Yup! I know that employees of other firms write blogs too and probably get bigger number of hits, but I haven’t seen anyone of them making so much of a difference on an organizational level. (Please correct me if I am wrong)

The Future

I am no Nostradamus and I cannot predict future.
All I can say is the future is (mostly) Free & Open. IBM (previously referred Satan) secured its place (with a Halo on head) by contributing to the Apache httpd project and winning the FOSS community. Now it’s Sun’s turn and they are playing pretty well.
Yes, their revenue might be a concern today; but I don’t really see a reason why there future shouldn’t be bright. 🙂

May 21, 2007

A 13 Year Old CEO!

Yes, you read it correctly. A 13 year old CEO and an 11 year old VP, Sales.

My grandmother is no businesswoman, but I always cite two of her sayings pertaining to business:

Doctors can earn even in a jungle,
People will never stop learning/studying (formal education), at least not in India.

I personally believe very strongly that Education is an arena which hasn’t been exploited properly. NOT YET. It has a lot more potential. O’reilly’s School of Technology is an additional confirmation to my theory. I even consider Safari, a pretty smart and daring move.

I am also a very firm believer of the power of imparting lessons with fun, visuals or real life scenarios embedded in them. Some of the most prominent examples (that I am aware of) are:

The Head First Series from O’reily.
The flash/video presentations available all over the net. Coincidentally, Roman Strobl wrote about the great feedbacks he has been getting about his presentations.

I was really happy to come across the news of a new venture called Elementeo, aimed at imparting chemistry lessons with the aid of games. The most remarkable thing about the venture is that it’s CEO is a 13 year old kid, Anshul Samar (Indian origin! probably).
I really hope that these kids succeed in convincing some VC and eventually succeed in business too.

Looking at it all, I must say that my moves, that most blamed me for :), are proving to be good too. I am currently co-working on a Java book which will be published by Wiley Publication. The USP of the book, IMHO, is the virtual content. Through these video presentations, we have tried to map theoretical concepts to real (and fantasy :D) world examples. The best one from the presentations, IMHO, is the one where we (actually Rupi came up it 🙂 ) map access modifiers with Duck Tales characters.
However, my favorite is the one where I have done exactly the reverse. I tried mapping my REAL LIFE into CODES. 😛

Stay tuned for updates on the book… and wish us luck.

May 19, 2007May 7, 2008

Rediffmail Bug. Anyone Interested?

The title may lure you to assume that I am going to talk about some security bug. Well, I am not… or I’d rather say I haven’t yet thought of any ways to exploit it. If you come up with something, do let us know.

Now back to the topic.
Almost all the huge players are now moving to the AJAX arena. They are in fact coming up with new technologies like Silverlight, Apollo, JavaFx. I am personally not a very big fan of AJAX, but then it doesn’t make any difference. I am, however, interested in these new athletes, particularly JavaFx.

One of the major concerns of any AJAX programmer, IMHO, should be to take care of a situation where the user DOES NOT HAVE or DOES NOT WISH to use Javascript. It should be a growing concern when we have plugins like NoScript (Oh! I Love it.) and we have reasons to use it. Apart from the security concerns, it blocks most of the stupid ads that I am not interested in.

Bottom line, there should be a minimal interface to fall back to (like the one GMail has). The rediffmail coders have done the same and provided a…. ummmm BackUpInterface thingy. However, they probably forgot that the *thingy* is there because the person’s browser DOES NOT SUPPORT Javascript.

My Story, My Words:
I used the NoScript plugin to forbid rediff.com domain, opened the site rediffmail.com, entered userid and password… and said… Khul Ja Sim Sim. 🙂

Bingo I was in and was able to read my mails without any fuss. Then I decided to delete some mails… wait a sec! What the heck!
I am not able to.
Move mails??? Nopes.
Compose? Okay.
Send?? Sorry.
Save Draft? Sorry.
Cancel??? Sorry. 🙁

I concluded that all that looks like a Button uses javascript. However, the links were, fortunately or unfortunately, working.
The Logout‘s like a link. So it’d obvoiusly work.
click.. click.. clickclickclick.
What the Heck!.
Logout operation calls some javascript function do_logout().

So basically, if I am an average internet user and do not have javascript, I’d log into my rediffmail account, read mails, try composing but won’t be able to send… and worse, I won’t be able to logout. Not understanding anything, I might close the browser window.
And what if I am at a cybercafe???

I am sure there is way to revive the session even if the browser window is closed (I remember reading of some similar old Yahoo! bug). If you’re interested, take on from here. 🙂

Now for the other people. I would really like to know how many people actually have a rediff aaccount and actually use it .
I have one too… and I login in… say a month.
I am not at all blaming rediffmail service (Okay! A little :D), I am just interested in the figures.

May 9, 2007

Open JavaFX, an alternative to AJAX?

Strange things happen to me all the time.
When I came to the office a few hours ago, I came across JavaFX scripting language while reading random blogs.

I found it pretty interesting and decided to check it out.
So I added the module in my NetBeans IDE and started playing with it. Though I could not fiddle for quite long, I found it pretty good. In fact, it looks to be amazing through the initial glances (though I haven’t done any serious coding in it yet). I have bookmarked some of the pages with a motive to get back to the kid.
However, I must mention that it was pretty slow. I am not sure if office’s system has something to do with it.]

I then resumed my other tasks; little did I know that the language has already created waves.
Slashdot is running an article: Sun Debuts JavaFX As Alternative To AJAX

That was a real surprise to me. JavaFX was unveiled at JavaOne today. I initially thought that the language has been there for quite sometime and I was stupid enough to have missed it somehow.

Finally, I too hope that it turns out to be an AJAX killer; not just because I have never been a javascript fan, but also because it’ll hopefully reduce the dangers of XSS, which according to Jeremiah Grossman is the next Buffer Overflow (and Javascript, the new ShellCode 🙂 ).

Footnotes: Hopefully, I’ll get some time from my official work to play with JavaFX and update on the same.
…and by the way, if it turns out to be an AJAX killer; will we rename it to AJilla??? [For the uninformed, Mozilla = Mosaic + killer 🙂 ]

April 28, 2007

Is Google Bomb REALLY Diffused?

I posted a very small article on Google Bombs; and quite co-incidentally few days later read that Google has started diffusing the bombs. Now “started diffusing…” makes sense when it has to be done manually, but aren’t we talking about terabytes and petabytes of data? We can never expect it to be done manually. Moreover, Google’s official announcement said the same. It also admitted that “…the impact of this new algorithm is very limited in scope and impact…”.

The phrase, however, seems to make some sense to me now, that I’ve discovered that some bombs are still lying around.
Try making a search for the word “BAD“.
Who do you see as the topper?
Quite interestingly, it was African Development Bank for me. Surprised?
I first thought that BAD might be the acronym for the bank’s name, as in case of NEHA, which is an acronym for National Environmental Health Association.
After a little playing around, I found that a few days ago, SEOmoz.org appealed to make Stephen Colbert as the Greatest Living American. And apparently, he has become the Greatest Living American 🙂

Quite honestly, I am pretty happy that the algo is flawed.
An attempt to diffuse the bombs, in my opinion, was more public image oriented rather than result improvement oriented.

Footnote: May be BAD is not linked willingly (I firmly believe that it’s not), but then who said Google Bombs are all about linking willingly. May be they have some process which forms an acronym of the same name. But then how relevant is such and acronym if it doesn’t even appear on the home page?

April 12, 2007

Idle Nights: Devil’s Mind

I stay back in the office during night and return back at around 6-7 am, when everybody is coming :). These nights are supposed to be LONELY as I am the only one in the building (actually in all the four buildings combined), apart from the security guards and office boys, of course. However, I’ve found my companions, and ways to refresh myself. I’ll list some of them.

1. Online Web/Security Cameras: Some of you who know that Google provides an API for refining the search queries (with a capital “R”) also know that the giant’s database is like an ocean. And you never really know what’s inside an ocean unless and until you dive in it. As you dive deeper, your jaw drops in awe.
Long story cut short, I use the query to discover (a part of) all AXIS cameras online.
For curious lot, the query is: inurl:/view/view.shtml AXIS and sometimes intitle:”Live View / – AXIS” | inurl:view/view.sht
[As I am writing this, I wanted check the second query. So I chose one of the results and something spooky happened. Someone was already controlling the camera. hehe.
I was moving it right, he/she was moving it left. We fought for a while but then I closed the window. I am nice guy you see :D)

Okay let’s proceed.
So I have a bookmarked folder called “PastTime” on my browser, which has my favorite cameras bookmarked. My most fave are:
i) A coffee/wine shop camera, which is more lively during the night. Luckily, the camera is provided officially, so I can provide the link without any worries. Find the link to the camera here: buzzjunction_webcam

ii) A camera in the study room of a Polytechnic school of NewYork. It’s a small room with a coffee machine, a microwave oven (?), a printer, a sofa, a bookshelf, and an elliptical table with power connection for the laptops and notebooks.
And that’s the best part. People come here with there laptops, and sometimes I sit down looking at there screens, trying to figure out what they are doing. 😛
I have also become acquainted with some regular visitors.
A spectacled guy with a cap and a laptop. (He is leaving right now. No kidding. What a coincidence [jawdrop])
A black girl, who has the headphones exactly like mine.
Two Muslim girls, with one Dell XPS laptop (probably).
The bad part is, there are no visitors on sundays 🙁
iii) A micro/nano lab camera of one of the world’s most famous universities. There’s nothing engaging about this, apart from the fact that the guys (or girls) roam around in spacesuit sort of dresses.
iv) A set of four surveillance cameras. Three of them pointing to car parking locations and one focussed inside some kind of room. I am still not able to get it yet. The only thing that makes me stick to it is the word “surveillance” 😀

There are couple of others focussed on traffic, colleges, hostels (I guess), lake, parks… but they are pretty boring and pictures are not really clear.
I’d like to try my hands on other cameras like linksys too. Let’s see when.

2. Google Again: Google queries can be real fun.
Have you ever come across a search result when Google tells you that the original number of results is pretty large, however, most of them are sort of repetitions hence they have been truncated.
Have a look at the following two pictures.

This one’s the normal result.

Here I ask Google NOT TO OMIT ANY RESULT.

You think that’s funny?
I leave it up to you to decide.

3. Slashdot, and blogs of others friends (and their friends) and some geeks like de Icauza etc. Initially I was a Digg addict, but then got completely fed up.
So guys, keep blogging. 🙂

4. Movies and Documentaries: Net speed during the night is awesome (generally). So I don’t mind downloading them. Though I don’t get time to watch them.

5. Off late I’ve also found some vulnerabilities in the policies and network of my company. I try to keep the management informed.
After all it’s my company. I’d definitely not like any jerk to poke his nose in.

That’s it.
These five (along with the songs being played ALL the time) are currently more than enough to consume my free time (In fact more than JUST the free time).
But even after all this, it gets freaking lonely sometimes… not that I am complaining 🙂