Inside Bauani's Mind

Greenpeace International Activists Shut Down BP (British Petroleum) Stations!

noreply@blogger.com (Bauani) — Tue, 27 Jul 2010 14:16:26 PDT

Forty-six BP (British Petroleum) petrol station's in central London were shut down today and re-branded with signs announcing: 'Closed. Moving beyond petroleum' and featuring the new, 'oiler' BP Logo.

It's time for BP to make a real move beyond petroleum and end their involvement in environmentally destructive oil sources like Arctic oil exploration, deepwater drilling and the Canadian tar sands.

Let's make it clear that the time to move towards clean, renewable energy is now.

Our activists are literally turning off the pumps at BP's stations to make it clear that the risks of exploiting dangerous oil sources are too high - as the Deepwater Horizon disaster has made clear. Join them in demanding an Energy [R]evolution now!

Picture: The winning logo from the rebrand BP logo competition replaces BP's old logo at a petrol station in Camden. - Photo & Caption Copyright: Greenpeace International

More on Greenpeace International UK Site

Do you ever think how save the fuel we use on our vehicle or Industries?

Why IPv6 Deployment is Delayed

noreply@blogger.com (Bauani) — Fri, 23 Jul 2010 07:50:37 PDT

The deployment of IPv6 currently seems to be stuck in a chicken-and-egg situation: little content is accessible over IPv6, and content providers (web site owners) don't have an incentive to IPv6-enable their web sites because few people have IPv6 Internet access. On the other hand, as little web sites are accessible via IPv6 (and almost none only via IPv6), consumers aren't demanding IPv6 support from their ISPs.
With Sixy.ch, those that already have IPv6 access know something to do with it, and web site owners get a (however small) incentive to make their web site future proof.

The message is simple: be cool, get IPv6 for your web site, and make your consumer to create pressure to give you IPv6 Connectivity.

I know one ISP, name Dhaka Wireless is give out IPv6 connectivity to their customer if they ask for it!

Thanks
Ahamed Bauani

Dell R410 Rack Server Motherboard Contain Malicious Code, Dell Confirm the Issue

noreply@blogger.com (Bauani) — Wed, 21 Jul 2010 23:39:21 PDT

Dell has shipped a lot of Dell R410 Rack Server with Malicious Code in Motherboard. Dell has confirmed the issue and give an statement:

As part of Dell’s quality process, we have identified a potential issue with our service mother board stock, like the one you received for your PowerEdge R410, and are taking preventative action with our customers accordingly. The potential issue involves a small number of PowerEdge server motherboards sent out through service dispatches that may contain malware. This malware code has been detected on the embedded server management firmware as you indicated.

We take matters of information security very seriously and believe that any impact to a customer’s information security is unlikely. To date we have received no customer reports related to data security. Systems running non-Windows operating systems are not vulnerable to this malware and this issue is not present on motherboards shipped new with PowerEdge systems.

The company did not provide any additional details.

ZDNet.Com first published the story related to Malicious Code on Dell Server Motherboard. After that Dell has send an email which contain is given bellow:

Dell is aware of the issue and is contacting affected customers. The issue affects a limited number of replacement motherboards in four servers - PowerEdge R310, PowerEdge R410, PowerEdge R510 and PowerEdge T410 – and only potentially manifests itself when a customer has a specific configuration and is not running current anti-virus software. This issue does not affect systems as shipped from our factory and is limited to replacement parts only. Dell has removed all impacted motherboards from its service supply chain and new shipping replacement stock does not contain the malware. Customers can find more information on Dell’s community forum.

Main Article by Ryan Naraine, who is a journalist and social media enthusiast specializing in Internet and computer security issues.

25,000 PCs attacked with latest Microsoft Windows zero day

noreply@blogger.com (Bauani) — Wed, 14 Jul 2010 22:44:21 PDT

The Windows Help and Support Center vulnerability that was patched with yesterday’s MS10-042 bulletin was under active attack by malware miscreants, especially in Europe where Microsoft tracked about 25,000 attempts to exploit the vulnerability.

According to Microsoft’s Holly Stewart, the attacks escalated significantly when the company announced the issue would be fixed in this month’s Patch Tuesday.

In a blog post to the Microsoft Malware Protection Center (MMPC) blog, Stewart said the attacks started a few weeks ago and have continued to expand and some new attack patterns have come into play.

The attacks that we have witnessed in the wild work only on Windows XP (not Windows 2003). Early on, we saw attackers incorporate code to single out Windows XP targets, but more recently the attackers have been less discriminant, attempting this attack on a variety of operating systems, about half of which were not susceptible because the exploit code could have only been successful on a vulnerable version of Windows XP.
- MS Patch Tuesday: Googler zero-day fixed in 33 days
As of midnight on July 12 (GMT), over 25,000 distinct computers in over 100 countries/regions have reported this attack attempt at least one time, Stewart said. There was a “fairly large increase” over this past weekend, shortly after Microsoft announced that an update would be provided to fix this issue with the July security bulletin release.

Websitevaluespy.com A new Site to Tell More About your website!

noreply@blogger.com (Bauani) — Tue, 06 Jul 2010 08:57:37 PDT

Do you know what your website value is? I think not. But in Internet World, all website has it's own unique value, by name, visitor or the site provide information or service to people. But most of us don't aware about it at all!

A completely new site name http://www.websitevaluespy.com/ come here to give you solution to see the value of your site. Just click here and put your website address (URL) , they will automatically give you details of your website, including location, visitor number, Alexa rating, Keyword it contain, approximate revenue earning and many more.

I have checked my all website and found imagine result. 3 of them is given bellow:

http://www.websitevaluespy.com/www.bauani.org

http://www.websitevaluespy.com/blog.bauani.org

http://www.websitevaluespy.com/basic-linux.bauani.org

http://www.websitevaluespy.com/mirrors.bd-servers.net

This is just 3 example of their service. I will update about the service provided by http://www.websitevaluespy.com/ more here. Just give me some time and stay tune...

Ahamed Bauani

http://www.bauani.org/

HP: +880-1818-BAUANI

BTRC Website is Down!!!

noreply@blogger.com (Bauani) — Sat, 22 May 2010 08:25:22 PDT

In our Digital Bangladesh, at this moment BTRC website (http://www.btrc.gov.bd/) is DOWN. I have checked from almost everywhere in world by my friends and others and they also failed to browse BTRC website.

It is almost more then 1 hour that The site is Down. Nobody seems care about the issue. Can you see the page? I really need some information on a license Guideline, but failed to get. Now where I will go and get the information?

Can anybody help me?

Fire Near Buriganga River

noreply@blogger.com (Bauani) — Fri, 21 May 2010 05:27:03 PDT

I saw fire and smoke from my rooftop about Half an Hour Ago. Then I called DMP Control Room know the location of Fire, but they don't have any information about any fire in City. I request operator to collect information via their wireless network. Request has just ignored and he give me phone number of Lalbagh Police Station to know details.

Without any delay I called Lalbagh Police Station, They also told me that they don't have any information regarding any fire and told me that might be any fire on dustbin near River. I requested him to collect information over police wireless network, same here. No information of Fire. Now I am in rooftop and watching the dark black smoke growing up.

God Knows What kind of duty DMP (Dhaka Metropolitan Police) do. As I can't find the location, I can't call fire service to take action. May Allah Save us.

I took 2 picture of smoke, but can't upload at this moment as I am connected with GP Internet and Connection is too slow to upload any picture at this moment. I will post any update here regarding this fire issue.

Ahamed Bauani

http://blog.bauani.org/

Update:

Fire is in 1km Radius of Chwalkbazar Telephone Exchange, which is almost near Buriganga River.

10+ mistakes Linux newbies make

noreply@blogger.com (Bauani) — Thu, 20 May 2010 09:45:39 PDT

New desktop users can make plenty of mistakes (as can anyone). But knowing which mistakes to avoid, from the start, helps prevent a LOT of frustration. I’ve handled the topic of mistakes new Linux admins make, but never those of desktop users. Here are some of the most common Linux desktop mistakes I see new users make.

Note: This article is also available as a PDF download.

1: Assuming they are using Windows

Although this might seem way too obvious, it’s not. The average user has no idea there are even different operating systems to be had. In fact, most average users couldn’t discern Windows XP from Vista from 7 (unless they are certain Windows 7 was “their idea”). Because of this, new users might believe that everything works (or doesn’t work, as the case may be) as it does in Windows. Make your end users aware that they are using a different operating system — and that it works differently.

2: Trying to make exe files work

Unless you have done your homework and installed WINE, double-clicking those .exe files simply won’t do anything. And when that happens, your end users are going to be upset. I have seen many an end user download an app made for Windows assuming that it will work for Linux. Make it clear to users that Linux, like Windows, will only run applications made for that operating system. This, of course, is tossed out the window when WINE is involved. But new users won’t be using WINE anyway.

3: Choosing the wrong distribution

One of the biggest problems for users is choosing the wrong distribution. Imagine being a new user and selecting Gentoo or Slackware or Fedora! Yes those are all good distributions, but any of them would send a new user running away in fear. If you are in the initial stages of helping a new user out, do yourselves both a favor and choose the distribution carefully. Consider the user’s ability, needs, and hardware before you make that selection. Don’t just jump on board Ubuntu because everyone says you should. A lot of distributions out there are made specifically for new users. Give them all a close examination before making the choice.

4: Not finding software

Because so many new Linux users are migrating from Windows, they think software can be had from the same channels. Most of the time, this is not the case. The new user needs to become familiar with their package management tools right away - especially tools like Synaptic, Packagekit, and Ubuntu Software Center. Each of those tools is a mecca of software where users can most likely find all the applications they need.

5: Sending OpenOffice documents to Microsoft Office users in the default format

I see this so often. New Linux users are proud of the strides they have made but dumbfounded (and sometimes turned back to Windows) because the people they share files with can’t read their formats. Remember, Microsoft products are not good at getting along with other operating systems and other applications. Make sure your new users are saving in file formats that are readable by the Microsoft equivalents.

6: Avoiding the command line

I can’t, for the life of me, figure out why people completely avoid the command line as if it is the most complex tool there is. I know people who can work absolute magic with Photoshop but can’t seem to type a simple rm command at the command line. Why this is I will never know. New users shouldn’t shy away from the command line. Knowing the command line isn’t essential anymore, but it will make them more capable users.

7: Giving up too quickly

Here’s another issue I see all too often. After a few hours (or a couple of days) working with Linux, new users will give up for one reason or another. I understand giving up when they realize something simply doesn’t work (such as when they MUST use a proprietary application or file format). But seeing Linux not work under average demands is rare these days. If you see new Linux users getting frustrated, try to give them a little extra guidance. Sometimes getting over that initial hump is the biggest challenge they will face.

8: Thinking the Windows directory hierarchy translates to Linux

There is no C:\ in Linux. Nor do you use the “\” character. Nor should you use spaces in filenames. These are common mistakes new users make. Trying to map out Windows to Linux, directory for directory, is impossible. You can get as far as C:\ = / and maybe Default User = ~/, but beyond that you’re out of luck. Make sure new users understand that everything starts at / and their most important directory is their home directory (aka ~/ aka /home/USERNAME/).

9: Skipping updates

I have been burned with Windows updates many times. Need I bother mentioning the update from Explorer 7 to Explorer 8? Very rarely has a Linux update fubar’d a system of mine. In fact, I can’t remember the last time it has. So I am always up to date on my systems… and with good reason. Those updates bring new security patches and features to software and should be applied. Having an installation with a security hole is not what your users need, especially on a machine that houses important information.

10: Logging in as root

I really shouldn’t have to say this. But just in case, be sure to tell your users DON’T LOG IN AS ROOT! But… just in case they must… DON’T LOG IN AS ROOT! Instead, have them open up a terminal window and either “su” to root or use “sudo”. And just in case you didn’t hear me the first time, DON’T LOG IN AS ROOT!

11: Losing windows to the pager

The pager is one of the handiest features of the Linux desktops. But over and over, I’ve seen that new users don’t quite understand what the pager is for and what it does. Because of this, they will “lose” their windows from the desktop. Where did it go? It was there a moment ago! I guess it crashed. No. More than likely, they moved it to another desktop. Another desktop? You see where this is going? Help the new user understand what the pager is and how useful it can be.

12: Ignoring security because it’s Linux

A big part of me still wants to boast and say, “In the 12 years I have used Linux, I have never once had a virus or worm or been hacked.” Although that is true, it doesn’t mean I should ignore security. I have witnessed the effects of a rootkit on a Linux machine. They aren’t pretty and data will be lost. Tell your users that they can’t ignore security just because they’re using Linux. Security is crucial, regardless of the OS.

Source: http://www.zdnet.com/blog/btl/10-mistakes-linux-newbies-make/34444?tag=nl.e539

FaceBook Things to Stop Doing Now URGENTLY

noreply@blogger.com (Bauani) — Sat, 15 May 2010 08:50:40 PDT

Facebook, a so called Social Networking Website, used by most of Internet User. But do you know what you are doing? People like me are providing such kind of information on their profile which is same as walking street without any cloth!! Yes, I mean it. To stop the identity thief or cyber criminal, you MUST do following things right now:

Protect Your Account with Strong Password:

Avoid simple names or words you can find in a dictionary, even with numbers tacked on the end. Instead, mix upper- and lower-case letters, numbers, and symbols. A password should have at least eight characters. One good technique is to insert numbers or symbols in the middle of a word, such as this variant on the word "houses": hO27usEs!

Leaving Your Full Birth Date in Your Profile:

It's an ideal target for identity thieves, who could use it to obtain more information about you and potentially gain access to your bank or credit card account. If you've already entered a birth date, go to your profile page and click on the Info tab, then on Edit Information. Under the Basic Information section, choose to show only the month and day or no birthday at all.

Overlooking Useful Privacy Controls

For almost everything in your Facebook profile, you can limit access to only your friends, friends of friends, or yourself. Restrict access to photos, birth date, religious views, and family information, among other things. You can give only certain people or groups access to items such as photos, or block particular people from seeing them. Consider leaving out contact info, such as phone number and address, since you probably don't want anyone to have access to that information anyway.

Posting Your Child's Name in a Caption

Don't use a child's name in photo tags or captions. If someone else does, delete it by clicking on Remove Tag. If your child isn't on Facebook and someone includes his or her name in a caption, ask that person to remove the name.

Mentioning That You'll Be Away From Home

That's like putting a "no one's home" sign on your door. Wait until you get home to tell everyone how awesome your vacation was and be vague about the date of any trip.

Letting Search Engines Find You

To help prevent strangers from accessing your page, go to the Search section of Facebook's privacy controls and select Only Friends for Facebook search results. Be sure the box for public search results isn't checked.

Permitting Youngsters to Use Facebook Unsupervised

Facebook limits its members to ages 13 and over, but children younger than that do use it. If you have a young child or teenager on Facebook, the best way to provide oversight is to become one of their online friends. Use your e-mail address as the contact for their account so that you receive their notifications and monitor their activities. "What they think is nothing can actually be pretty serious," says Charles Pavelites, a supervisory special agent at the Internet Crime Complaint Center. For example, a child who posts the comment "Mom will be home soon, I need to do the dishes" every day at the same time is revealing too much about the parents' regular comings and goings.

Posted by: Ahamed Bauani
Copyrighted 2009, Consumers Union of U.S., Inc. All Rights Reserved.

Warning: Sending Useless Data to /dev/null Create CPU Hot and Sending to /dev/random Make Network Angry!!

noreply@blogger.com (Bauani) — Thu, 13 May 2010 07:30:24 PDT

We, the so called 'SysAdmins' including me have habit to send useless data to '/dev/null' to destroy it forever. Bye they way '/dev/null' is an special virtual device on Linux / Unix / BSD like system (Operating System) .

I am wandering to know that sending / redirecting useless data to /dev/null is just creating heat! Yes, every byte send to '/dev/null' is converted as heat, increase temperature of CPU finally environment.

It goes into a special data sink in the CPU where it is converted to heat which is vented through the heatsink / fan assembly. This is why CPU cooling is increasingly important; as people get used to faster processors, they become careless with their data and more and more of it ends up in /dev/null, overheating their CPUs. If you delete /dev/null (which effectively disables the CPU data sink) your CPU may run cooler but your system will quickly become constipated with all that excess data and start to behave erratically. If you have a fast network connection you can cool down your CPU by reading data out of /dev/random and sending it off somewhere; however you run the risk of overheating your network connection and / or angering your ISP, as most of the data will end up getting converted to heat by their equipment, but they generally have good cooling, so if you do not overdo it you should be OK - From FreeBSD Manual

On that manual Mr. Paul Robinson show other method which will not generate any heat. He added:

There are other methods. As every good sysadmin knows, it is part of standard practice to send data to the screen of interesting variety to keep all the pixies that make up your picture happy. Screen pixies (commonly mis-typed or re-named as “pixels”) are categorized by the type of hat they wear (red, green or blue) and will hide or appear (thereby showing the color of their hat) whenever they receive a little piece of food. Video cards turn data into pixie-food, and then send them to the pixies -- the more expensive the card, the better the food, so the better behaved the pixies are. They also need constant stimulation -- this is why screen savers exist.

To take your suggestions further, you could just throw the random data to console, thereby letting the pixies consume it. This causes no heat to be produced at all, keeps the pixies happy and gets rid of your data quite quickly, even if it does make things look a bit messy on your screen.

Incidentally, as an ex-admin of a large ISP who experienced many problems attempting to maintain a stable temperature in a server room, I would strongly discourage people sending the data they do not want out to the network. The fairies who do the packet switching and routing get annoyed by it as well.

Source: FreeBSD Manual, Funny Part

Now it's your choice, /dev/null or /dev/random or console or another place, where I am waiting to receive your data to get a credit card number or financial data;)

Ahamed Bauani

http://www.bauani.org/

Eastern Housing Pallabi Phase-II Project Plot for Sell very urgently

noreply@blogger.com (Bauani) — Mon, 10 May 2010 14:41:11 PDT

Please be intimated that, I've decided to sell my plot very urgently. Particulars of the plot are as under:

Project Location: Eastern Housing Pallabi Phase-II Project, Pallabi, Dhaka.
Plot Location: Block "J". Located on the Tri-Junction of 40 feet roads.
Size : 2.5 Katha, 50 x 36 Square feet.
Facing: South-West Facing Corner Plot
Registration & Mutation: Completed
Utility Charge: Paid.
Present Status: Ready Plot, Gas & Electricity line laid, Water line laying in progress.
Price: Negotiable

If you or your friends/relatives are interested for the above mentioned plot, then please call me over mobile (from 07:00 PM to 11:00 PM).

Once again, I apologize and regret any inconvenience.

On behalf of:

Saiful Islam

SMS to +01818228264 if you want to buy this plot.

Lockdown Facebook Profile to Protect Privacy and Security

noreply@blogger.com (Bauani) — Mon, 10 May 2010 14:37:28 PDT

Jason Perlow is a technologist with over two decades of experience integrating large heterogeneous multi-vendor computing environments in Fortune 500 companies decided after all of FaceBook’s continual invasions on his personal privacy by sharing data to people and services which he don’t want — and by being completely irresponsible and untrustworthy in terms of computer security — that it was time to lock down his profile and minimize his exposure, while still allowing select people to interact with him on his user Profile.

With FaceBook, this is a very difficult thing to be able to balance, and he still not 100 percent sure that he wouldn't be served by destroying his profile and leaving the service altogether, but I believe that for the time being, I’ve been able to create some sort of “miserable medium” that he can tolerate. This is the advice about Facebook Profile Security from Mr. Jason Perlow.

Are you agree with him? To read more of his blog related to Facebook Profile Security & Privacy, Click Here

FaceBook is an extremely complicated and confusing online service to use, with lots of settings that are needed to secure a profile and prevent undesired dissemination of information. Because I no longer trust the service whatsoever, I’ve created a “How-To” for the advanced user for locking down their profile and minimizing their risk
Keep in mind that this Lockdown I created is an extremely draconian method — nobody will be able to share your information or your statuses, you will not have any personally identifying information unless you absolutely chose to, and only the most essential applications will be authorized.
The user for which I have in mind is someone who is extremely concerned about their personal privacy and security, but also may wish to have people contact them via a brand or a business or some other following they maintain - Jason perlow

He also wrote about Twitter.Com, another micro blog service. His full writing can be found here and don't forget to post your comments. I wish to know what you think about he privacy & security of social networking sites.

Ahamed Bauani

Bangladesh BTCL Purchase Internet Gateway India

noreply@blogger.com (Bauani) — Sun, 09 May 2010 10:08:34 PDT

Dear All

This is to inform you that, BTCL start migrating there service from SingTEL & Seabone Italy, to TATA, India. We are now experiencing problem (Slow Bandwdth, Connection Lost abnormal behaver etc). Support personals of BTCL has been informed via SMS as he is not reachable over phone.

Update will be Posted here Soon, Please return back to see update.

UPDATE: Yas, BTCL has established connectivity with TATA (AirTel), See bellow the traceroute information from an ISP in Dhaka:

traceroute www.kernel.org

traceroute to www.kernel.org (149.20.20.133), 30 hops max, 40 byte packets

1 * * * 0.119 ms 0.103 ms 0.105 ms

2 * * * 0.847 ms 0.864 ms 0.939 ms

3 123.49.*.* (123.49.*.*) 7.829 ms 7.907 ms 8.329 ms

4 123.49.13.82 (123.49.13.82) 8.107 ms 8.265 ms 8.412 ms

5 AES-Static-001.1.22.125.airtel.in (125.22.1.1) 59.300 ms 59.340 ms 59.329 ms

6 ge-2-1-0.r03.sngpsi02.sg.bb.gin.ntt.net (129.250.12.229) 59.617 ms 59.681 ms 59.736 ms

7 as-3.r20.osakjp01.jp.bb.gin.ntt.net (129.250.3.48) 128.549 ms 132.062 ms ae-10.r21.tokyjp01.jp.bb.gin.ntt.net (129.250.2.100) 130.474 ms

8 as-2.r21.snjsca04.us.bb.gin.ntt.net (129.250.5.81) 237.385 ms as-2.r20.snjsca04.us.bb.gin.ntt.net (129.250.2.164) 251.019 ms as-2.r21.snjsca04.us.bb.gin.ntt.net (129.250.5.81) 237.687 ms

9 ae-1.r21.plalca01.us.bb.gin.ntt.net (129.250.5.32) 254.425 ms 253.386 ms ae-0.r20.plalca01.us.bb.gin.ntt.net (129.250.4.118) 242.563 ms

10 po-2.r03.plalca01.us.bb.gin.ntt.net (129.250.5.142) 302.849 ms po-1.r03.plalca01.us.bb.gin.ntt.net (129.250.3.230) 300.478 ms po-2.r03.plalca01.us.bb.gin.ntt.net (129.250.5.142) 302.245 ms

11 ge-1-11.r03.plalca01.us.ce.gin.ntt.net (140.174.21.194) 286.067 ms 300.675 ms 297.369 ms

12 int-0-0-0-0.r1.sjc3.isc.org (149.20.65.19) 284.419 ms 294.534 ms 300.792 ms

13 pub1.kernel.org (149.20.20.133) 296.704 ms 299.576 ms 288.484 ms

See Hop number 5 & 6, Airtel Network. Again, Nothing to say...

* IP has been removed for identity purpose.

Cross Posted on: BTCL, Bangladesh Telephone Company Purchased Internet Service From India

Google Mail is becoming Gmail in the UK - 60 Million Keystroke Save per Day

noreply@blogger.com (Bauani) — Thu, 06 May 2010 02:42:38 PDT

Google Mail is becoming Gmail in the UK - Official Gmail Blog:

"If you already have a Google email account in the UK, you'll soon have the option to switch your existing @googlemail.com address to the matching @gmail.com one, but you're also free to stick with @googlemail.com. And starting later this week, anybody who signs up for a new account in the UK will get an @gmail.com address. Since 'gmail' is 50% fewer characters than 'googlemail,' we estimate this name change will save approximately 60 million keystrokes a day. At about 217 microjoules per keystroke, that's about the energy of 20 bonbons saved every day!"

UK @GOOGLEMAIL.COM Switch to @GMAIL.Com will Save 60 Million Keystrokes Equals to 20 Bonbons of Energy!

noreply@blogger.com (Bauani) — Thu, 06 May 2010 02:30:46 PDT

Almost everyone using @gmail.com knows that email to someone@gmail.com and someone@googlemail.com will reach same inbox. In UK Google Email User by Default get @googlemail.com during signup. Recently Google's Gmail Official Blog Announced that by next week by default Google Email page will give option to switch existing user to use @gmail.com instead of @googlemail.com.

If you already have a Google email account in the UK, you'll soon have the option to switch your existing @googlemail.com address to the matching @gmail.com one, but you're also free to stick with @googlemail.com. And starting later this week, anybody who signs up for a new account in the UK will get an @gmail.com address. Since "gmail" is 50% fewer characters than "googlemail," we estimate this name change will save approximately 60 million keystrokes a day. At about 217 microjoules per keystroke, that's about the energy of 20 bonbons saved every day! - Article of UK Google Email user on Google Gmail Official Blog

See, how much big Google is, just removing 4 Character from Email address will Save about 60 million keystroke per day which is about 217 microjules per keystroke and 20 bonbons energy per day!!!

If Google can reduce power consumption, why not we can save power for Bangladesh? Hope to Write more about saving on my Green Bangladesh Blog very soon.

Thanks to all

Ahamed Bauani

May 5, the last of the Internet’s 13 root servers will transition to (Domain Name System Security Extensions) DNSSEC. Are you ready?

noreply@blogger.com (Bauani) — Wed, 05 May 2010 08:31:40 PDT

Are you ready for May 5, When the worldwide DNS (Domain Name System) root servers change their policy of replying your query? Yes, May 5, 2010 is the date when ALL root servers around world is going to change there answering procedure to Your DNS Query.

According to 2008 TechRepublic Article on DNSSEC, May 5, 2010 is the last day when current procedure of DNS query will change could be effect your Internet Network if there is any old Router, Firewall, DNS Server, DNS Resolver etc on your Internet Network Path.

If you haven’t done so already, May 5 will be a good day to make sure your network is ready for DNSSEC. On May 5, the last of the Internet’s 13 root servers will transition to (Domain Name System Security Extensions) DNSSEC. While the transition won’t bring Internet traffic to a screeching halt, it could pose a problem for network administrators and users working with older DNS servers, routers, firewalls, and modems - The TechRepublic Article

My Current Project, Dhaka Wireless, Mission to Connect End User with Wireless (WiFi) Network has already change there all equipments or software to serve Internet to their customer smoothly.

Just to remind my fellows to check your network, specially firewall and DNS server (Resolver or Others) that are compiled with new system.

Your valuable input will much appropriable.

Regards

Ahamed Bauani

BTCL Trying to Hide There Own Problem by Saying SEA-ME-WE4 Submarine Cable problem

noreply@blogger.com (Bauani) — Thu, 15 Apr 2010 06:28:17 PDT

From Yesterday Afternoon Internet Users of Bangladesh where suffering connectivity / speed problem which is still running. Most of Internet User in Bangladesh, Specially users in Dhaka are facing most slowest Internet service.

I myself is currently working for an ISP, which was disconnected from Internet Yesterday (1st Day of Bangla Year 1417). I had go there office, check everything and call BTCL to know what is going on. Unfortunately BTCL, Bangladesh Telephone Company Limited didn't provide any information about the problem. Latter, I got to know from other source that there was a Submarine Fibre Cable Called "SEA-ME-WE-4" (The South East Asia-Middle East-West Europe 4) Problem, which is totally wrong.

Officials of the Bangladesh Telecommunication Company Limited said Thursday that their subscribers will have less bandwidth due to a technical problem.

A high official of the BTCL's submarine cable project, on condition of anonymity, told bdnews24.com that a short circuit at the Italian landing station at Palermo has disconnected Bangladesh partially.

He said that BTCL was receiving only a portion of its regular bandwidth from Singapore leading to slow internet connection and in some cases no connection at all, for BTCL subscribers.

The official, also a top-ranking administrator of Bangladesh Submarine Cable Company, said he hoped that Bangladesh would get reconnected with Italy within a few days. -- Reported by BDNews24.Com, Bangladesh's first Internet Newspaper

A New ISP, named 'Dhaka Wireless', provide wireless Internet Connection in Dhaka, Bangladesh has changed their regular homepage with a black and white page to protest this conspiracy of BTCL, the state own International Internet Gateway License Holder.

BTCL was connected with Internet via Seabone, has reported that there is no problem at there end. There is no fibre related issue, reported by Seabone and SEA-ME-WE-4 Control Center.

BTRC, Bangladesh Telecommunication Regulatory Board has issued 2 IIG (International Internet Gateway) License, one is BTCL, own by Government and Other is Mengo Telecom which is Privately Owned has no problem at all. ISP's connected with Mengo Telecom is getting there required bandwidth. Now the Question is Who is Doing What & The most unique is "Why"? At the time of Mengo Telecom Started, BTRC issued a letter to ALL ISP to Purchase at-least 40% of Total bandwidth from Mengo. Recently the rules has withdrawn.

Cross Posted on: Internet Service Provider of Bangladesh Blog

Apache.org hit by targeted XSS attack, passwords compromised

noreply@blogger.com (Bauani) — Tue, 13 Apr 2010 10:02:33 PDT

Combining a cross-site scripting (XSS) vulnerability with a TinyURL redirect, hackers successfully broke into the infrastructure for the open-source Apache Foundation in what is being described as a “direct, targeted attack.”

The hackers hit the server hosting the software that Apache.org uses to it to track issues and requests and stole passwords from all users. The software was hosted on brutus.apache.org, a machine running Ubuntu Linux 8.04 LTS, the group said.
The passwords were encrypted on the compromised servers (SHA-512 hash) but Apache said the risk to simple passwords based on dictionary words “is quite high” and urged users to immediately rotate their passwords. ”In addition, if you logged into the Apache JIRA instance between April 6th and April 9th, you should consider the password as compromised, because the attackers changed the login form to log them,” Apache said. - Zdnet Blog

On April 5th, the attackers via a compromised Slicehost server opened a new issue, INFRA-2591. This issue contained the following text:

ive got this error while browsing some projects in jira http://tinyurl.com/XXXXXXXXX [obscured] - Apache's Own Blog

To read More, Read Zdnat Articles on Apachi.org Hijack

UPDATE:

I received an email from Apache.org, which I am posting ''as it is" basis:

Dear Ahamed Bauani,

You are receiving this email because you have a login, 'myusername', on the Apache JIRA installation, https://issues.apache.org/jira/

On April 6 the issues.apache.org server was hacked. The attackers were able to install a trojan JIRA login screen and later get full root access:

https://blogs.apache.org/infra/entry/apache_org_04_09_2010

We are assuming that the attackers have a copy of the JIRA database, which includes a hash (SHA-512 unsalted) of the password
you set when signing up as 'myusername' to JIRA. If the password you set was not of great quality (eg. based on a dictionary word), it should be assumed that the attackers can guess your password from the password hash via brute force.

The upshot is that someone malicious may know both your email address and a password of yours.

This is a problem because many people reuse passwords across online services. If you reuse passwords across systems, we urge you to change your passwords on ALL SYSTEMS that might be using the compromised JIRA password. Prime examples might be gmail or hotmail accounts, online banking sites, or sites known to be related to your email's domain, bauani.org.

Naturally we would also like you to reset your JIRA password. That can be done at:

https://issues.apache.org/jira/secure/ForgotPassword!default.jspa?username=myusername

We (the Apache JIRA administrators) sincerely apologize for this security breach. If you have any questions, please let us know by email.

We are also available on the #asfinfra IRC channel on irc.freenode.net.

Regards,

The Apache Infrastructure Team

Posted by:

Ahamed Bauani

Contributor, The Apache Foundation

http://blog.bauani.org/

500 Things Every Technology Professional Needs to Know

noreply@blogger.com (Bauani) — Sat, 10 Apr 2010 04:36:55 PDT

Did you know Microsoft's RegClean does not work with XP but you can use shareware to clean your registry? Did you know most wireless access points don't have encryption enabled by default? Did you know there are 500 tidbits of information contained in TechRepublic's 500 Things Every Technology Professional Needs to Know that will help you become a successful IT professional...

We Want A GE Free Future, Join with Greenpeace International

noreply@blogger.com (Bauani) — Thu, 01 Apr 2010 09:14:57 PDT

The European Commission has just allowed genetically engineered crops into Europe, ignoring safety concerns of the public interest. I've just joined a new EU initiative with Greenpeace, Avaaz and Friends of the Earth - calling for a moratorium on GE crops in the EU. With 1 million citizens' signatures, we can make an official legal request to the European Commission. Sign below and let's get to 1 million:

You can read more and sign the petition here: http://www.greenpeace.org/GEpetition

Thanks!

GreenPeace International

Cross Posted on: Green Bangladesh Blog

Detecting suspicious account activity

noreply@blogger.com (Bauani) — Sat, 27 Mar 2010 09:05:15 PDT

Official Gmail Blog: Detecting suspicious account activity

Google Official Blog has announce a new feature to protect their user from cyber criminal and make you safe. See the above link for more information. This is really useful.

Thanks

Ahamed Bauani

Blacksn0w RC2 for iPhone unlock Version 3.1.3

noreply@blogger.com (Bauani) — Thu, 25 Mar 2010 08:17:27 PDT

Core Builder Blog for 1/100 Hack and Help: Blacksn0w RC2 for iPhone unlock Version 3.1.3

It seems help user of Bangladeshi iPhone User want to update there hardware in 3.x.x. Why don't you people give a try;)

Twenty Website of Bangladeshi District Hacked which Was Maintain by Prime Minister Office

noreply@blogger.com (Bauani) — Thu, 01 Apr 2010 09:40:42 PDT

Twenty Bangladeshi district website has been hacked on Saturday, March 20, 2010. Thais Twenty district website out of Sixty Four district was hacked. Thais website is operated by Prime Minister's Office under a project of "Access to Information (A2I) Project"

The hacker(s) claimed to be Indian and threatened Bangladesh to take steps to stop entering Pakistani terrorist to India using Bangladesh as a transit point. If Bangladesh failed to do so, they also threatened to start cyber war targeting Bangladeshi Internet Communication.

In a query from The Daily Start Newspaper,

Home Secretary Abdus Sobhan Sikder said they have already restored the websites and cyber-crime experts in Rab and Special Branch of Police are working to detect the hackers. He also added that Earlier such incidents took place but the hackers were detected. Now he also hopeful of tracing the hackers on this incidents.

The text on the hacked sites reads, "Secure border between INDIA and BANGLADESH If any terrorist send by Pakistan came via Bangladesh route then I will be danger to YOU Cyber War will be started this is demo We don't want more 26/11 in India. GOVERMENT LOOK AT IT ELSE CYBER WAR WILL START ....WE ROOTED AND ----- YOUR ISP ! " "EMIL INDIAN HACKER HackeD Your System [sic]."

After the sites were hacked they flashed some Hindi letters and "JAI HIND!".

In instant reactions, Yeafesh Osman, state minister for science and ICT, told The Daily Star that the related body has started working to get the sites back up. He also added that hackers broke into system to get secret information. -The Daily Star News.

Lt Col Ziaul Ahsan, director intelligence wing of the Rapid Action Battalion, said, "We have been informed of the matter and are working to track down the hackers."

Earlier Website of RAB Hacked by a Young Boy Studying in a Private University. That boy also hacked Bangladesh Military Website. That was another story.

Actually This is not a Hacking Incident. In Bangladesh, Government Start any Project by Tender. After finishing the Tender Job, the Contractor get paid. Just after few day the job is done, there is nobody to maintain or check the status of project. In Internet, websites own by Government is not the same project like others. There is various issue related to security, access, responsibility and accountability. Also usability. This seems that the said 'Hacker' run few scripts available in Internet. This scripts normally scan a vulnerable service and gain access. This is a simple job. But Bangladesh Government Should Take The Incident seriously. this is the beginning. Nobody can say where it will stop. So BE CAREFULLY.

Ahamed Bauani

Freelance ICT Consultant &

Complex Internet Routing Expert.

http://blog.bauani.org/

Update: Meeting on Cyber Security Held on Bangladesh Prime Ministers Office (PMO)

BTRC Cancel 16 Bangladeshi ISP License due to involvement in illegal VoIP Business

noreply@blogger.com (Bauani) — Sat, 20 Mar 2010 07:05:42 PDT

Total 24 ISP in Dhaka, Bangladesh is Blacklisted and 16 of Them has penalized by Cancelling their ISP Operation License due to Relation of illegal VoIP Service. Telecommunication Regulatory authority is investigating other 8 ISP(s) data, log and other related documents, which will help commission to proof the allegation of illegal VoIP Business. Earlier, RanksTEL, a Bangladeshi fixed line operator (PSTN) has shut-down due to same reason.

A trusted source from BTRC (Bangladesh Telecommunication Regulatory Commission) has confirmed the News, but request me not to disclose his Name. BTRC will announce this massages either by a press release or a press conference.

The Name of ISP, Operating License Cancelled by BTRC hasn't published yet. Last few days, BTRC and their consultants were monitoring the usages of Bandwidth in BTCL & Mango Telecom, both are IIGW Licences holder of Bangladesh. BTCL is operated by Bangladesh Government & Mango Telecom is one an only Private Sector IIGW License Holder. During this monitoring time, I received a lot of call from various ISP's to solve abnormal bandwidth, they said that they where having various problem with connectivity with BTCL. Effected ISP were not getting there assigned bandwidth or Bandwidth where too poor to use. Fortnightly ISP's I worked for were not in blacklisted and I didn't find any cause of problem they where having. Anyway, Let's wait and see who are they doing this type of illegal Business and harming country's value & revenue.

Any Update will Post Here ....

Thank You

Ahamed Bauani

http://www.bauani.org/

Blogger.com Deleted My 2 Blog Regarding Stock Market of Bangladesh

noreply@blogger.com (Bauani) — Sat, 06 Mar 2010 07:31:21 PST

2 of my blog deleted and the cause was 'SPAM'. Both blog was on Stock Exchange News update of Bangladesh.

First one was deleted on: 1st February, and the URL was:

http://dhaka-stock-exchange-news.blogspot.com/
It was an established blog with all post contents reference and Copyright Information. It was running good. In Bangladesh there is something Gambling happening in stock market in very soon. On that blog my last post was about this Gambling issue, how it is going to happening which will just crash our economy. But without any notification Blogger Deleted the Blog with Reasons "SPAM".

After that I created another URL:
http://bangladesh-stock-exchange-news.blogspot.com/

on 2nd February. It was also running fine. Today I posted a news from URL "http://nation.ittefaq.com/issues/2010/03/02/news0017.htm" that authority of Stocks Exchange received thread to death, if they don't open netting facility. Just after This posting, Blogger deleted this blog with same cause "SPAM". How it possible? There is no way to contact Google Authority to re-verification. I can understand now that there is a very very big black hand behind The Gambling on our Country's Stock Market. Anyway, my Country is Bangladesh

Thanks
Ahamed Bauani
http://www.bauani.org/

Update: Bangladesh police arrest Facebook share tipster