Thoda sa main...(A little bit of me)

Prefetch files (.pf) - How to view them

2010-01-09T01:10:00.000-08:00

Every time you run an application on Windows box, a prefetch file is created in "c:\WINDOWS\Prefetch". This file with extension .pf keeps information for optimizing the load time of the application (as the name suggests).

I always wanted to see what's there in the .pf file. Recently NirSoft has released a tool called WinPrefetchView which can be used to see the content of these files.

image source : nirsoft.net

Note: This website http://nirsoft.net is a wonderful resource for nice tiny utilities for many system & password plays.

The year 2009

2009-12-31T06:25:00.000-08:00

On the brighter side :)
# Shifted to Delhi from Pune.
# Bought another car.
# Worked for Commonwealth Games 2010.
# Finally got married to Stuti.
# Went to Puri & then Nainital for honeymoon.
# Delivered talks/lectures in IIM Ahmedabad & IIT Madras.
# Tajmahal & Delhi tourism with Stuti along with few more places in north.
# Decided to quit Commonwealth Games 2010.
# Organized ClubHack2009.
# Organized Indo-UK cyber security roundtable conference in ClubHack2009.
# Did wardriving in Pune again
# Worked for some serious national security projects.
# & right now baking a cake for the new year :)

On the down side :(
# No bike rides this year. Need to get back there.
# No more girlfriends, those were the days...
# Very less parties, need to party more
# Didn't organized even a single BarCamp, just attended one.

In total a very happening year. Hope to have 2010 a better one

Wish you all the readers a very happy & prosperous new year.

Smartphone Security Tips

2009-12-23T07:59:00.000-08:00

image: wikipedia

Christmas & New year is here and its the time many people buy/exchange gifts. So if the next shiny gift in your hand is a smartphone, then remember following tips to be safe & secure your data.

1. Don't loose track of your phone.
This one goes non-technical. Don't loose the sight of your smartphone. Keep you eyes on it when you leave it anywhere, especially at the airport security checkin. The nature of data stored on phone makes it more important now

2. Turn off Wifi & Bluetooth
Keep wifi & bluetooth turned off when not in use. I'm sure you are smart enough by now not to accept unknown bluetooth connections but what about wifi. When you use wifi, always remember to use encrypted connections. BTW turning these off will also conserve your battery.

3. Do not sync everything
Its the first thing everyone tries to do after getting a smartphone, sync it up with your PC. Though it comes very handy, but avoid the temptation of syncing your password and very critical information which you often store in notes of outlook or similar apps. If the phone gets stolen, just remember you might be giving away everything.

4. Do not click on links in emails/sms.
SPAM has also gone smartphone way, now and then you might get an SMS/MMS for some offer and link to click. DONOT click any such link unless you have verified it in depth. Same goes for mails on phone, follow the similar rule of your PC.

5. Download apps with care.
The first thing anyone would love to do after getting a shiny new phone is download & install applications, that too loads of them. Always make sure you are downloading them from trusted sources. Sometime common apps are rebundled with malwares and kept for download at different websites. If you know an application, download it from its parent website only.

6. Backup your data.
Most importantly keep a backup of our data. A regular sync with PC will ensure this but still make sure you have copies of the phone data on your PC which I hope is regularly getting backed up.

Smartphones are actually the best gadget to digitise your life and really are very helpful. All you need to do is take little extra care and make it safe.

Merry Christmas & Happy New Year

two one za two

2009-12-16T06:28:00.000-08:00

two one za two
two two za four
two three za six

many of us have grown up mugging this and I always wondered what is this ZA, is it a synonym of "equals to" ??

Just a casual browsing today answered this long pending query of mine

its actually

two 1s are two
two 2s are four
two 3s are six

Thanks to the anonymous who clarified this thing to me today.

If we divide the whole table in columns, I always thought that its the "1st column" being counted "2nd column" times gives you the result in "3rd column". Its actually the "2nd column" counted "1st column" time gives you the result in "3rd column".

Confused? Have fun....

Download the Google Chrome OS Virtual Machine

2009-11-20T19:02:00.000-08:00

Last week, Techcrunch reported rumors of the release of the Google Chrome OS. They stated that the info came from a reliable source, and indeed that source was reliable. Google had an event at their headquarters, and indeed provided new details and a demo of the Chrome OS. The Chromium Blog has some great videos that provide some additional information about Chrome OS as well.

The Chromium OS source code is available for download (Chromium OS is the open-source version of Google Chrome OS), and you can compile and build it. It took some time, but I did manage to do this on my 64-bit Ubuntu 9.04 (Jaunty Jackalope) machine. I also managed to put together a VirtualBox virtual appliance that is all ready to go. I built a torrent for it, so feel free to download it here:

Download the Chromium OS VirtualBox Appliance Torrent

Please continue to seed, as I’m sure there will be many people out there wanting to try it out.

To use it, just start up VirtualBox, click File and then Import. Navigate to the chromiumos.ovf file and select it. The virtual appliance will be imported into VirtualBox and you should be good to go.

I also included a txt file that more or less has the commands I used to build it. You may be able to run it as a script, although I haven’t confirmed that it will work. I guess you could say I more or less took “script-like notes” as I was building Chromium OS.

If you hit Ctrl+Alt+T when you first log in, you’ll get a shell prompt. You can run “sudo su” (no quotes) to log in as root, and I’ve set the password to “password” (no quotes). If you use this machine for anything serious (although I doubt you would), be sure to change the password.

You should be running VirtualBox 3.0.12, and when you import the virtual appliance everything should be configured properly. If you get an error that says “network not connected and offline login fail” when you try to log in, be sure that the virtual network adapter is set to Intel Pro/1000 MT Desktop (82540EM).

If the network adapter is already properly configured but you are still seeing the error, try logging in with the user “chronos” with the password “password” (no quotes). This should log you in and bring up the chrome browser window. If you don’t see a Google Accounts login screen, try hitting the refresh button. That should bring up the Google Accounts login screen.

It is absolutely astounding how fast it boots. It really is nearly instant-on and takes a mere few seconds to bring up the login screen.

Once you log in with your Gmail account, it launches and you’ll see the Chromium interface open up to your Gmail. There is also a Google Calendar tab and a New Tab tab. The little chrome sphere appears in the upper left corner, but when you click on it you don’t get a menu as you see in some of the Chrome OS videos. Instead, you get a Google.com account login page.

As you can see, it looks very much like the Chrome OS screenshots that had surfaced last month. Of course, being that this is running on a virtual machine without any decent video drivers on the operating system, the resolution is quite low (800×600). Your dear old granddad may be the only one that actually finds it visually appealing at this resolution.

Right now the most impressive thing is how fast this operating system loads. Of course, it should load fast because there really is hardly anything there. In any case, it is rather neat to see an early release in action. The fact that it actually works on a virtual machine is quite promising. Eventually as drivers for more hardware are incorporated into it, it should be possible to run it your own real hardware.

I just went into the Chrome OS Wave I found with the link to the VMWare disk image, and apparently the poor guy that posted that file to Amazon Web Services ran up a $380 bill so he took the file down. Here’s the torrent of the same file posted up on Pirate Bay:

Download the Chromium OS VMWare Virtual Disk Image Torrent

However, I haven’t tried using it, so I can’t confirm that it will run on VMWare without issue. Enjoy your Google Chrome OS virtual machines!

[Via GeekLad]

Mind it, this is a simple copy of the blog entry, I was quite busy in preps of http://clubhack.com/2009 and no time to test this or re-write this :)

No responsibilities if this torrent/VM doesn't work ;)

Sunday fun blogging: Is that how twins are made...

2009-10-31T22:18:00.000-07:00

I thought you had to do it twice in a row ;)

Windows lovers' way

mac fanboys' way

What way will a Linux geek use? cp or ctrl+yy or something else???

Source: http://www.geeksaresexy.net/

Password analysis from 10,000 leaked Hotmail passwords

2009-10-07T22:44:00.000-07:00

On 5th October theregister reported more than 10,000 password were leaked mysteriously on pastebin.com. See this tweet

As a followup study "Acunetix Web Application Security Blog" did an analysis on the kind of password people use.

Some interesting findings are as follows-

Statistics:
The list initially contained 10,028 entries.
There are 8931 (90%) unique passwords in the list.

The longest password was 30 chars long: lafaroleratropezoooooooooooooo.
The shortest password was 1 char long : )

Top 20 most common passwords:

123456 - 64 times
123456789 - 18 times
alejandra - 11 times
111111 - 10 times
alberto - 9 times
tequiero - 9 times
alejandro - 9 times
12345678 - 9 times
1234567 - 8 times
estrella - 7 times
iloveyou - 7 times
daniel - 7 times
000000 - 7 times
roberto - 7 times
654321 - 6 times
bonita - 6 times
sebastian - 6 times
beatriz - 6 times
mariposa - 5 times
america - 5 times

Password length distribution:
1 chars – 2 – 0 %
2 chars – 4 – 0 %
3 chars – 4 – 0 %
4 chars – 31 – 0 %
5 chars – 49 – 1 %
6 chars – 1946 – 22 %
7 chars – 1254 – 14 %
8 chars – 1838 – 21 %
9 chars – 1091 – 12 %
10 chars – 772 – 9 %
11 chars – 527 – 6 %
12 chars – 431 – 5 %
13 chars – 290 – 3 %
14 chars – 219 – 2 %
15 chars – 157 – 2 %
16 chars – 190 – 2 %
17 chars – 56 – 1 %
18 chars – 17 – 0 %
19 chars – 7 – 0 %
20 chars – 14 – 0 %
21 chars – 10 – 0 %
22 chars – 8 – 0 %
23 chars – 3 – 0 %
24 chars – 3 – 0 %
25 chars – 3 – 0 %
26 chars – 0 – 0 %
27 chars – 3 – 0 %
28 chars – 0 – 0 %
29 chars – 1 – 0 %
30 chars – 1 – 0 %

What kind of passwords were in the list? :

3,713 = 42 %; lower alpha passwords : passwords containing only characters from ‘a’ to ‘z’.
Example : iloveyou
291 = 3 %; mixed case alpha passwords : passwords containing characters from ‘a’ to ‘z’ and from ‘A’ to ‘Z’.
Example: ILoveYou
1707 = 19 %; numeric passwords: passwords containing only numbers (’0′ to ‘9′)
Example: 123456
2655 = 30 %; mixed alpha and numeric passwords: passwords containing characters from ‘a’-'z’, ‘A’-'Z’ and ‘0′-’9′.
Example: Iloveyou12
565 = 6 %; mixed alpha + numeric + other characters.
Example: 1Love You$%@

Really wonderful analysis. Loved the way people think & care about their passwords

How to find the order in which drivers are loaded in Windows

2009-09-22T02:22:00.000-07:00

If you want to know the order in which Windows drivers are loaded during boot up you can see that. I'm not sure why would you like to know that but if you have time to kill you can try this.

C:\> wmic loadorder list full

The output will look something like this


DriverEnabled  GroupOrder  Name                                Status
TRUE           1           System Reserved                     OK
TRUE           2           Boot Bus Extender                   OK
TRUE           3           System Bus Extender                 OK
TRUE           4           SCSI miniport                       OK
TRUE           5           Port                                OK
TRUE           6           Primary Disk                        OK
TRUE           7           SCSI Class                          OK
TRUE           8           SCSI CDROM Class                    OK
TRUE           9           FSFilter Infrastructure             OK
TRUE           10          FSFilter System                     OK
TRUE           11          FSFilter Bottom                     OK
TRUE           12          FSFilter Copy Protection            OK
TRUE           13          FSFilter Security Enhancer          OK
TRUE           14          FSFilter Open File                  OK
TRUE           15          FSFilter Physical Quota Management  OK
TRUE           16          FSFilter Encryption                 OK
TRUE           17          FSFilter Compression                OK
TRUE           18          FSFilter HSM                        OK
TRUE           19          FSFilter Cluster File System        OK
TRUE           20          FSFilter System Recovery            OK
TRUE           21          FSFilter Quota Management           OK
TRUE           22          FSFilter Content Screener           OK
TRUE           23          FSFilter Continuous Backup          OK
TRUE           24          FSFilter Replication                OK
TRUE           25          FSFilter Anti-Virus                 OK
TRUE           26          FSFilter Undelete                   OK
TRUE           27          FSFilter Activity Monitor           OK
TRUE           28          FSFilter Top                        OK
TRUE           29          Filter                              OK
TRUE           30          Boot File System                    OK
TRUE           31          Base                                OK
TRUE           32          Pointer Port                        OK
TRUE           33          Keyboard Port                       OK
TRUE           34          Pointer Class                       OK
TRUE           35          Keyboard Class                      OK
TRUE           36          Video Init                          OK
TRUE           37          Video                               OK
TRUE           38          Video Save                          OK
TRUE           39          File System                         OK
TRUE           40          Event Log                           OK
TRUE           41          Streams Drivers                     OK
TRUE           42          NDIS Wrapper                        OK
TRUE           43          COM Infrastructure                  OK
TRUE           44          UIGroup                             OK
TRUE           45          LocalValidation                     OK
TRUE           46          PlugPlay                            OK
TRUE           47          PNP_TDI                             OK
TRUE           48          NDIS                                OK
TRUE           49          TDI                                 OK
TRUE           50          NetBIOSGroup                        OK
TRUE           51          ShellSvcGroup                       OK
TRUE           52          SchedulerGroup                      OK
TRUE           53          SpoolerGroup                        OK
TRUE           54          AudioGroup                          OK
TRUE           55          SmartCardGroup                      OK
TRUE           56          NetworkProvider                     OK
TRUE           57          RemoteValidation                    OK
TRUE           58          NetDDEGroup                         OK
TRUE           59          Parallel arbitrator                 OK
TRUE           60          Extended Base                       OK
TRUE           61          PCI Configuration                   OK
TRUE           62          MS Transactions                     OK
FALSE          63          Network                             OK
FALSE          64          Pnp Filter                          OK
FALSE          65          MMC                                 OK
FALSE          66          MemoryStick                         OK
FALSE          67          SmartMedia/XD                       OK
FALSE          68          ExtendedBase                        OK
FALSE          69          WdfLoadGroup                        OK

This will show you the order in which drivers are loaded on your windows box.

Note to self: stop posting if see that you haven't posted anything since long ;)

First cut preview of Firefox 3.5 in Hindi

2009-06-30T10:40:00.000-07:00

While downloading Firefox 3.5 I just noticed the new version was available in Hindi too. So I tried my hands on the Hindi locale of the Firefox 3.5 & here are some sneak previews

Main Window

File Menu

They tried translating everything

Tools > Options

But seems like were not able to succeed

An open Wedding Invitation to all my friends and followers online

2009-04-13T01:32:00.000-07:00

Wedding Website: http://shaadi.rohit11.com
Date: 27th April 2009
Place: Territorial Army Institute, Maidan, Kolkata
Time: 7pm Onwards

I'm TRYING to do a online streaming of the celebration with help of few friends for those who can't make it to the event. Details on the website.

All you need to do is RSVP in time if you can come so that I can make necessary arrangements.

Indian IT act made little easy for common man

2009-03-11T23:46:00.000-07:00

Understanding Indian IT act (& amendments) made little easy for common man

Crime: A mobile phone or computer or any electric device is stolen.
Section to be applied: 66B.
Punishment: Jail term up to 3 years and/or fine up to 1 lakh.

Crime: Data owned by you or your company in any form is stolen.
Section to be applied: 66B.
Punishment: Jail term up to 3 years and/or fine up to 1 lakh.

Crime: Data or computer or mobile phone owned by you is found in the hands of someone else.
Section to be applied: 66B.
Punishment: Jail term up to 3 years and/or fine up to 1 lakh.

Crime: A password is stolen or used by someone else.
Section to be applied: 66C.
Punishment: Jail term up to 3 years and/or fine up to 1 lakh.

Crime: An e-mail is read by someone else.
Section to be applied: 66C.
Punishment: Jail term up to 3 years and/or fine up to 1 lakh.

Crime: A biometric thumb impression is misused.
Section to be applied: 66C.
Punishment: Jail term up to 3 years and/or fine up to 1 lakh.

Crime: An electronic signature or digital signature is misused.
Section to be applied: 66C.
Punishment: Jail term up to 3 years and/or fine up to 1 lakh.

Crime: A web page is created in your name and you have not authorized it.
Section to be applied: 66D.
Punishment: Jail term up to 3 years and/or fine up to 1 lakh.

Crime: A Phishing e-mail is sent out in your name, say maligning someone or asking for donations.
Section to be applied: 66D.
Punishment: Jail term up to 3 years and/or fine up to 1 lakh.

Crime: An Orkut profile is created in your name.
Section to be applied: 66D.
Punishment: Jail term up to 3 years and/or fine up to 1 lakh.

Crime: An e-mail id is created on a website like hotmail or yahoo in your name.
Section to be applied: 66D.
Punishment: Jail term up to 3 years and/or fine up to 1 lakh.

Crime: On an Internet chat site a false nickname is used.
Section to be applied: 66D.
Punishment: Jail term up to 3 years and/or fine up to 1 lakh.

Crime: SMS’s are sent out in your name.
Section to be applied: 66D.
Punishment: Jail term up to 3 years and/or fine up to 1 lakh.

Crime: Clicking of an obscene photograph without a person’s consent or knowledge.
Section to be applied: 66E.
Punishment: Jail term up to 3 years and/or fine up to 2 lakh.

Crime: Transmitting of an obscene photo of a person unknowingly.
Section to be applied: 66E.
Punishment: Jail term up to 3 years and/or fine up to 2 lakh.

Crime: Placing a person’s obscene photo on a web site.
Section to be applied: 66E.
Punishment: Jail term up to 3 years and/or fine up to 2 lakh.

Crime: Sending a terror email.
Section to be applied: 66F.
Punishment: Jail term up to life.

Crime: Misusing a Wi-Fi connection for acting against the state.
Section to be applied: 66F.
Punishment: Jail term up to life.

Crime: Planting a computer virus that acts against the state.
Section to be applied: 66F.
Punishment: Jail term up to life.

Crime: Conducting a denial of service attack against a government computer.
Section to be applied: 66F.
Punishment: Jail term up to life.

Crime: Stealing data from a government computer.
Section to be applied: 66F.
Punishment: Jail term up to life.

Crime: Tampering with certain computer source code.
Section to be applied: 65.
Punishment: Jail term up to 3 years and/or fine up to 2 lakh.

Crime: Wrongful loss or damage caused by the use of technology by anyone.
Section to be applied: 66.
Punishment: Jail term up to 3 years and/or fine up to 2 lakh.

Crime: All activity relating to pornography in general.
Section to be applied: 67.
Punishment: Jail term up to 10 years and/or fine up to 1 lakh.

Crime: Any activity relating to child pornography.
Section to be applied: 67B.
Punishment: Jail term up to 5 years and fine up to 10 lakhs.

Crime: Every technology user must maintain logs of all e-activity that takes place.
Section to be applied: 67C.
Punishment: Jail term up to 3 years and/or fine.

Crime: You must allow the state to install software on your computers or mobile phone that will monitor all e-activity.
Section to be applied: 69.
Punishment: Jail term up to 7 years.

Crime: You must allow the state to decrypt all communication that passes through your computer or network.
Section to be applied: 69.
Punishment: Jail term up to 7 years.

Crime: You must provide access to everything stored on your computer or mobile phone to the relevant authorities.
Section to be applied: 69.
Punishment: Jail term up to 7 years.

Crime: You must block access to sites that the state decides.
Section to be applied: 69A.
Punishment: Jail term up to 7 years.

Crime: In a sense all computer users are ISP’s. We must allow the state to monitor and decrypt all traffic that passes though our home grown networks.
Section to be applied: 69B.
Punishment: Jail term up to 3 years and a fine.

Crime: Service providers like Blackberry and others must hand over the decryption master keys to the state.
Section to be applied: 69.
Punishment: Jail term up to 7 years.

Got this via email, source not very clear. This is a suggestive list, advised to recheck; DON’T take these as final verdict of supreme court ;)

UPDATE (24th Mar 09') : Ministry of IT has finally published the amendment online on the website http://mit.gov.in
Direct Link: http://mit.gov.in/download/it_amendment_act2008.pdf
Now its _more_ official now

Punetech is...

2009-03-05T23:41:00.000-08:00

I was thinking of writing a blog on the first B'day of PuneTech and tried some online tricks

Google: "PuneTech is..."

# PuneTech is a free, non-commercial website run by volunteers to disseminate information about information technology and software engineering in Pune.

# punetech is of course a great service

# PuneTech is a service co-ordinated by the people who run punetech.com

# Punetech is worth USD $8 Million in #pulling-a-leg-or-then-maybe-not

# PuneTech is managed by Navin Kabra.

# PuneTech is a non-commercial site that collects information about all interesting technology in Pune. PuneTech makes no profits on PuneTech merchandise.

# PuneTech is a non-commercial, by the community, for the community site.

# punetech is using Twitter

# PuneTech is a community portal exclusively focused on the innovative IT companies and startups in Pune.

# Punetech is a blog started by highly experienced fellow technology enthu, Navin Kabra and he is being supported by excellent team like Amit Paranjape, Manas and others

And once upon a time I twitted the
# @punetech is a boon to Pune tech community. A real good source for all the geeks info. @ngkabra I'm missing such a good stuff in Delhi man. (twit)

Happy Bday PuneTech, its indeed a Boon.

chat protocol

2009-02-25T08:48:00.000-08:00

Scenario 1: You forgot(or don't want) to go offline and you are projecting your screen on projector with some serious discussion in a busy conference room and bang! an old friend messages you on messenger "Hi Sexy"

Scenario 2: You are sitting with someone say Mr. A and another friend say Mr. B sends you a message about Mr. A. You know what kind of message I'm talking about

These kind of sudden and uninvited chat messages can disturbing at times. So in one of my previous organization we had a protocol for chatting. I found it very helpful and slowly many of my friends have started following it.

Here's how it goes, PLEASE try to follow the same when chatting with me and may be others too. This will make the online life bit comfortable for you and your friends

[?] To start a conversation, send a question mark only. Yes a simple " ? " only. This can mean anything as per your understanding like "Can we chat?" or "are you there?".

Now the answer to this question can be yes no or later

[Y] So if the answer is YES, the person replies " y ". Which means "I'm comfortable chatting with you at this moment, tell me"

[N] If the answer is NO for reasons like "I'm busy", or "Can't chat" or whatever, the person replies " n ". If you get a " n " DO NOT send any more message, not even "OK, I'll ping you later" It like saying DO NOT DISTURB

[5] or for that matter any number like " 10 " - "15 " means busy right now, lets talk after 5 (or 10-15) minutes. This comes very handy when you want to chat but because you are preoccupied in something which you can't leave in between.

[ ] If in case there is no reply from the other side, there can be 2 reasons. Too busy to say a " n " or not near the computer. The best option in this case is treat it as " n " and DO NOT disturb

Looking at so many shortcuts, we devised another shortcut. It was " b " this time which means BYE that comes at the end of conversation.

I strongly recommend all my friends to use this protocol while starting a chat with me. Share the protocol with your friends and see the difference.

How far you are from Obama...

2009-01-21T23:23:00.000-08:00

I was just going through my LinkedIn account and noticed that Barack Obama is just 2nd degeree away from me :))

I know this might not make a lot of sense but still...

How far is he from you???

Cheat Sheets: Networking, Hacking, Security, Administration, Tools

2009-01-13T17:41:00.000-08:00

Here is a bunch of CheatSheets which might be useful from time to time to use as a reference:
# TCP/IP and tcpdump Cheat Sheet - SANS.org
# Google Hacking and Defense Cheat Sheet - SANS.org
# Intrusion Discovery Cheat Sheet Windows - SANS.org
# Intrusion Discovery Cheat Sheet Linux - SANS.org
# SQL Injection Cheat Sheet - ha.ckers.org
# Cross Site Scripting Cheat Sheet - ha.ckers.org
# Web application Cheat Sheet - secguru.com
# Linux Security Quick Reference Guide - Linuxsecurity.com
# LINUX Administrator’s Quick Reference Card - cheat-sheets.org
# Oracle Security Cheat Sheet - red-database-security.com
# Nmap & Nessus Cheat Sheet - secguru.com
# Security Incident Survey Cheat Sheet - zeltser.com
# Initial Security Incident Questionnaire for Responder - zeltser.com
# BGP, EIGRP, First Hop Redundancy, 802.1X, IPsec, IPv4 Multicast, IPv6, IS-IS, OSPF , STP, tcpdump, Wireshark, Common Ports, IP Access Lists, Subnetting, Markdown, MediaWiki, MPLS,QoS, VLANs, Cisco IOS, Physical Terminations Cheat Sheets - packetlife.net

If you have more, post them in comments & I'll update the list :)

Life in (Delhi)metro !!!

2009-01-10T05:34:00.000-08:00

I came to Delhi 2 weeks back. Wanted to write a lot but not getting enough time.
Actually not getting enough time to write a blog post, twittering is still on at full speed (@rohit11)

Lets divide the post into sections
WINTER:
Freak, Don't even talk about that. I have spent my 3 years in Meerut which is some 70km from here. Have tasted this north Indian winter, but in last 6+ years Pune weather has pampered me and now this is feeling at extreme. What Delhi winter (or north Indian winter) is like
# Tip of your nose will be chilled like anything
# Toes will be cold even after they are locked in shoes for hours together
# Hands will be cold even inside gloves. Best option is sit on them to keep them warm.
# You'll be wearing those "body warmers". Till now I used to see them TV commercials only, but now I bought them too.
# One quilt/blanket is never sufficient

FOG:
# Your morning/late evening flights will be delayed
# Your not so late evening flights will also be delayed(ref: my trip to Ahmedabad)
# Driving with parking indicator on
# Special fog lamps on cars, and in some cases yellow cellophane sheets on the car headlamp ;)

METRO:
# Delhi metro is nothing different from Mumbai's local. Just this one has AC ;)
# Same kind of rushing/pushing/struggling crowd
# The only good is that the doors get closed
# On Rajiv Chowk (CP), there are barriers and security officials to assist you to board the train.
# If too much crowded, then they will assist the door closer too by pushing passengers inside and for the automatic doors to close, that was a funny scene

FOOD:
# Delhi is a place for foody like me ;)
# Don't bother about the dripping butter on our paratha
# Delhi-cious food, no doubt
# Wonderful non-veg, ultimate cooks live in North India only
# Yummy road side snacks
# Don't miss "Thank God Its Friday" @ CP

CITY:
# Is more green than last time I saw it
# Infrastructure is developing very fast, some people thank commonwealth games for it.
# Metro (as discussed) is a wonderful public transport, very decent & serious service
# Roads are very nice & wide, atleast as compared to Pune
# Houses, (metro syndrome) less space and people have tuned to live with it.
# Cars, not even a single one is without a scratch or a dent, not even a new one. Some people put small dent as soon as they buy a new car. some kind of shagun (lucky charm). I have seen this myself.
# Pollution, yes it is there, more of suspended particle than smoke. City full of dust.

That's enough about Delhi now, I might post a few updates in this series, not very sure though ;)

Goodbye Pune, Stay classy Pune

2008-12-26T17:48:00.000-08:00

I never thought I'll be posting something long and boring like this but feeling like putting few words on this subject.

I'm leaving Pune and shifting to Delhi for few years. For those who know I worked as Director Technology for the Commonwealth Youth Games held in october 2008 and same is the reason why I'm moving to Delhi. I'll be working for the Commonwealth Games to be held in October 2010.

Its been 6 years and 1 quater I lived in this classy city Pune. Have seen this city growing like anything and now its feeling bad to leave this city of geeks.

I love Pune because:

# City of Geeks: You always bump onto a few geeks everytime you are out. We organized many BarCamps and other Camps here and noticed that the talks/crowd of Pune were more inclined towards geeky stuff than general talk-talk stuff.

# City of Good Girls: no more comments ;)

# City of Wannapreneurs: I love the wave of Pune's special wannapreneurs. Everyone(nearly) is jumping up with a new concept and doing something very interesting. Saw rise and fall(very less though) of some very nice startups.

# City of Wannabe's: People in Pune are there to learn any damn (technical) thing they can. I found so many such people here who are ready to do anything to learn something new. And when it came to my hacking zone I found more number of such energetic people who are ready to bunk classes and offices just to learn something cool. Ya I'm not talking about roadsense and some other stuff :) That might take some time.

# City of Foodies: I loved this charateristics of Pune. Though you'll not find a lot of roadside fun eating joints, but I really like the kind of eatouts Pune has :P~ Someone who is foody like me will always find Pune as a fun place to be in. Starting from typical Puneri food to all the different cuisines. From Dots ice-cream to Naturals. From Gulabjamun to Basundi. From handi dahi at sinhagadh to goodnight at ajuba. STOP IT ROHIT!!!

# City of Communities: ClubHack, Barcamp, Blogcamp, Phpcamp, Ideacamp, Jugcamp, developergarage, null, firefox gang, twitter gang, I'm sure I'm mising a lot of names here.

# City of Non-Tech Communities: How can I forget my Royal Enfield gang "RoadShakers". Then we had Pune Eatouts, Wine Tasting Club, Pune Trekkers, Adventure Sports Clubs.

# City of Enthu Students: If you are in Pune and need a quick helping hand in any thing, just get in touch with a 1-2 students and see how the whole work is done. I loved the enthusiasm of students community here to DO something.

# City of Wonderful Night Life: I remember coming home at 2am or 4am from parties and still it used to be so safe. So many beautiful places for wonderful night life in Pune. So many people in the wee hours at the parties.

# City of Art and Culture: People here still have time to spend on art and culture. I know people leaving jobs just to do paintings & photography. Attended so many concerts so many many big artists. Even watched marathi plays here.

# City of my great friends: I made a great circle of of friends here in Pune. Every hangout I used to bump on to some new and some old friends. Would it be OK to name a few here??? Let's not hurt readers with a LOOOOONG list of names here. But all my friends know how much thankful I'm to them for being in my life.

I know I have listed things those were of my interest and there can be hundred such lists by different people and thats the thing I love about Pune. A city for everyone, always there to welcome one and all with open arms (ya I know this statement went little bollywood style). I can still write a lot about Pune but that will surely put you to sleep.

Its little hard to leave Pune and its forcing me to plan my comeback in this city. I'll be back Pune. I'll miss Pune and seems like Pune will miss me to.

GoodBye Pune, Stay Classy Pune

UNtrusted Certificates from UNtrusted CA

2008-12-23T22:16:00.000-08:00

Following HDMoore's twit I stumbled on this case of Man-in-the-middle attack with a valid SSL certificate from a shady reseller.

Eddy Nigg was able to buy a certificate in the name of mozilla.com from a reseller of comodo named 'Certstar'.

In response of this issue, comodo says

That reseller's ability to sell Comodo certificates has been suspended while we
investigate why they are apparently not fulfilling their contractual obligations
to us. We revoked your certificate for mozilla.com.

If this is the situation, why do an attacker need to work hard to do arp poisoning and other tricks to do an MITM. Phishers will be happy to use this kind of shady resellers.

Or maybe they are already using these kind of stupid CAs to get a valid certificates.

Call me crazy/paranoid /fanatic or whatever you want to but I've deleted COMODO from both of my browsers (IE & FF). Chrome uses the same from IE so it became easy for me ;)

This is indeed scary, very scary...

Indian IT Act Ammendment Bill

2008-12-23T07:15:00.000-08:00

Yesterday on 22nd of December 2008, Lok Sabha and today on 23rd December 2008, Rajya Sabha passed the Information Technology (Amendment) Bill, 2006"

It was passed by Rajya Sabha also within one minute. See extracts from Rajya Sabha Bulletin

2-04 p.m.
(3) The Information Technology (Amendment) Bill, 2008, as passed by Lok Sabha. Shri A. Raja, Minister of Communications and Information Technology, moved motion for the consideration of the Bill. The motion for consideration of the Bill was adopted.
Clauses 2 to 49, the First Schedule and the Second Schedule were adopted.
Clause 1, the Enacting Formula and the Title were adopted.
2-05 p.m.
The motion moved by Shri A. Raja that the Bill be passed was adopted and the Bill was passed.

The details of the these amendments which are in addition to the original 2006 copy can be downloaded from here

Messing with perl

2008-12-18T22:41:00.000-08:00

Ooh not me, but thinking of doing it soon

But XKCD is so true again :)

I'm thinking of messing with both PERL & Python.
Don't be amused, I'm OK, healthy and fine. Just want to do some dirty scritping

ClubHack on NDTV

2008-12-17T10:15:00.000-08:00

NDTV took an interview and a few bytes on 6th December in ClubHack but somehow they telecasted it as wardriving report.

Few clarifications here.
1: its not a group of students-turned-hackers
2: not even teenagers, butno harm if someone is reducing my age by 10 years or so

Powerstatus for Windows Mobile

2008-12-04T19:46:00.001-08:00

I found this tiny(absolute tiny) and wonderful utility for windows mobile.

It uses top 2 pixel row of your screen and shows you the battery as well as memory status. A quick look at the phone will give you an idea that how much battery is remaining and if you have enough memory free or not.

See the top 2 pixel of the screenshot

Name: powerstatus.exe
Size: 3584 bytes
License: Freeware
Download: http://freewareppc.com/utilities/powerstatus.shtml

Put this in your windows mobile startup and have fun. I'm loving it :)

ClubHack2008

2008-12-04T18:41:00.000-08:00

One day to go for the India's second hackers' convention

Date: 6th & 7th December 2008
Place: Pune
Venue: International Convention Center, SB Road. Address
Schedule: Schedule
Registration: Registration

Wardriving Pune

2008-11-21T18:24:00.000-08:00

On 10th November 2008, ClubHack with support of Cyber Crime Cell of Pune Police conducted a Wardriving in Pune, Maharashtra.

This Wardriving aimed at analysis of wireless network security in Pune city at common places like ITparks, residential areas, market areas, hotels, airport etc.

To our amaze, we found nearly 81% of Pune's wifi to be insecure ( I count WEP as insecure)

Find the report and analysis @ http://wardrive.in/

“Free Internet Access” “Free Public WiFi” The Viral SSID

2008-11-07T11:22:00.000-08:00

Ever wondered what is this “Free Public WiFi” or “Free Internet Access” wireless network visible in most of the places?
These are known as Viral SSID, don’t expect it to be a free access to internet :)

Read more about Viral SSID on ClubHack blog