I’m getting few spam comments once in a while, even though Akismet is working hard to protect me from them. So, I thought to add another layer of protection from spam, I’ve installed reCAPTCHA.

It’s about giving a helping hand through you guys as well as stopping spammers. reCAPTCHA is a free CAPTCHA service that helps to digitize books, newspapers and old time radio shows. Take a look at their site, reCAPTCHA.net for more information.

Well, sorry for asking you to prove that you are a human to comment. Thanks.

Idlebrain, the telugu film website is one site almost all Telugu movie lovers go after release of any Telugu movie to read reviews. The website is so greedily filled with ads that I’ve almost stopped going to that site. Well, hope they have learnt their lesson atleast by now. Guess why ?

Well, WTH Idlebrain ? How about learning some basics in ‘everything’ from Passion for Cinema ?

Mediawiki Zindabad. This was the result when I tried adding some stuff on Wikipedia :P

Without any intro - crap that I usually write explaining why I had to write this post, I’m going for the subject. You(general junta or web developers or scared security guys) might see some eval packed javascript which phishing idiots ask you to copy paste on your URL bar and hit enter key. Unpacking JS is a PITA was an answer that my brain use to give whenever I think about it. Just now, I found a very easy method to convert it into readable Javascript without any extra tool (IE boys, run away) Its very simple in FF or Opera. FF guys, all you need to do is …

1. Copy the eval packed JS. something like —— eval(function(p,a,c,k,e,d){e=function(c) …………………. }
2. Open Error Console on your firefox
3. Paste the packed JS in Code input tab
4. Add eval = alert; at the beginning of the code
5. Hit Evaluate

You will get the proper javascript for the packed javascript. Copy paste it into any code prettifier. It will become perfectly readable. Opera folks, follow this. Packed JS is a huge asset for Phishing as who would have expected that packed JS in this code will make you join around 26 communities and send some stupid message to all your friends without your knowledge as soon as you copy paste some JS code on your URL bar and hit enter. Edit: Or the simplest of all, as Rob Reid suggested, just head to the unpacker at Strictly Software. Thanks Rob.

Guess you know what is DNS ?
If you don’t know what it is …
Its Domain Name System. All the servers will have some set of numbers to identify them (IP), to recognize them easily we give them a name (domain name) and for internet to work, DNS maps these names to numbers. (Duh, read wikipedia for more info)

For the techie folks who know whats DNS, you might have missed this news. There was a bug. It was just a bug when people din’t know. Few days before , its was a problem as bad people know that it exists. And couple of days before, it became a major problem as bad people got to know how to tame the bug and exploit it. And today, its frigging Pain in the A** as our dumb ISPs are not fixing their DNS servers.

Well, the bug is that bad people can manipulate DNS lookups. Which literally means, when you open Google.com, then can send you to Yahoo.com too. Search engines need not be a problem, but if they manipulate DNS of a bank … the answer is … somebody is gonna get hurt real badddddd

So, I request you to check (@Doxpara) whether your DNS server is vulnerable to such bug or not, and if it is, change it to OpenDNS (208.67.222.222 and 208.67.220.220) and stay secure. As of today, I’ve tested BSNL and Airtel DNS servers (Chennai) and both of them are vulnerable. Guess, we need to take a huge rod and shove it up into someone’s a** and make them fix their DNS servers so that we can stay secure.

For extra-super-terrestial technical folks, I need not tell you about this, but incase you missed it, check (@Securebits) the exploiter released.