Your quality source for all things technology! Google Wave-Got your invitation yet?
As many of you may know, Google Wave is the next generation platform intended to merge email, instant messaging, social networking and more. The preview release of Google Wave was provided to 100,000 selected users this September and Wave has yet to be publicly open for sign ups.
Who got these invitations? “developers who’ve been active in the developer preview started back in June, first users who signed up and offered to give feedback on wave.google.com, and select customers of Google Apps” (Google). Weren’t one of these select few? No worries, read on! Read more…
The average user’s introduction to SEO-by for3v3rforgott3n
Search Engine Optimization, what exactly is it?
In short, SEO is the act of optimizing your website or websites to rank well in major search engines such as Google. When done well, SEO can bring you more traffic, more revenue, and allow your site to be more frequently crawled by their web spiders.
SEO is not only referred to as Search Engine Optimization, it is also referred to as Search Engine Optimizer (the person who is doing the optimizing).
How do I go about optimizing my website to rank better in search engines? Easy, grasp some simple concepts and you can be jumping up the search rankings in no time.
Original/Quality Content
This is one of the major variables to help you gain a better search ranking. Your content should be high quality, original, and worthy of being read. Any SEO is aware that the quality of your content is highly important and this can not be stressed enough.
Innovation/Creativity
Okay, this may not be as commonly executed but think about it this way. You’ve created such a “fresh” website that major tech news sites and webpage recognition sites just can’t stay away from talking about you. If done well, this can certainly bring you a substantial amount of backlinks.
Avoid query strings in URLs (Dynamic URLs)
Often people fail to notice the importance of limiting their URLs to something that looks static or “permanent” to search engines. Think of an URL as that specific content’s address on the internet. If major search engine are unable to have something permanent or long term to index, why would they bother? Read more…
Computer Startup Time – Current Problems, Future Advancements, and Solutions You Can Consider For Now
Computer Startup Time – Current Problems, Future Advancements, and Solutions You Can Consider For Now
By Neon Zidane – neon.zidane@gmail.com
Please report any errors or suggestions for improvement. Thank you!
Table of Contents
Introduction – Booting Process
Future Innovations and Advancements
Introduction – Booting Process
First of all let’s familiarize ourselves with how the computer boots up. It’s a very simple to understand process. When you first press out the power button, the computer goes through an initialization process. Firstly, it’s important to check if a CPU is present and functional. If there is an error related to the CPU, depending on your motherboard model, it your motherboard might make a beeping sound, flash the power light, start to smoke, or burst into flames (no biggie 
). Usually, after this, if you have a multiple CPU configuration system, one CPU (CPU 0) is selected to run the BIOS and initialize the kernel (a central component of your operating system which will “turn on” the remaining CPUs). At startup, a CPU can only address 1MB of memory, but some Intel processors have a special configuration where they use the last 16 bytes of the memory.
Then the computer starts executing the BIOS code, and starts checking for present hardware (Power on self test). Usually when there is a hardware error, it will display a message on the screen and make a beeping sound. Most motherboards make a beeping sound because if your video card turns out to be not functional, how else can they convey the message to you? Many of the modern (post 1996) BIOSs can use Advanced Power Configuration and Power Interface (ACPI) to list devices the computer has, and then the kernel uses this information.
After the POST, the BIOS wants to find an operating system to boot. It will search through a list of devices in a user-configurable order (CD, Hard Drive, Floppy, USB flash drives, memory cards, etc.) otherwise it will present you an error that says “Non System Disk or Disk Error” which could indicate that the disk could not be boot from. This could mean the disk is not functioning (broken hard drive, scratched/bad CD, etc.) or a configuration error you have made. If a bootable device is found though, the BIOS will read sector 0, the first 512 byte sector of the disk (remember that sector n-1 is the last sector of the hard drive where n is the total amount of sectors on the drive). Important data is in there: a boot sector. It also contains a partition table, 64 bytes – 16 bytes per partition (That’s why you can’t create more than 4 partitions on a hard drive, you will have to use a logical partition).
Since the boot sector is so small (460 bytes of usable space), it will either 1) launch another boot sector, 2) launch a second stage boot loader (could be DOS loader, NTLDR, BCD, GRUB, Lilo, maybe some strange virus you got off some website you shouldn’t be visiting anyways, etc.), or 3) Directly launch the kernel and start the operating system. Either way, if configured correctly, your computer will be told where an operating system is located and a file that will start the kernel. Your operating system splash screen will appear and in a few moments you are ready to use your computer system!
Current Startup Issues
How many things can you do in the time it takes your computer to start up? This means from turning on, operating system loading, then to a point where everything is ready, and you’re ready to start your favourite application (If your login is password protected, don’t count that!). Make a coffee? Make your entire breakfast? Go to school/work and then come home to find out your computer has FINALLY started up? Computers, unlike some other electronics, aren’t in a ready state the moment you turn them on. For example, a television would be ready within a few seconds of you turning it on, a phone would be ready the instant you turn it on. Even your CD player, DVD player, or Blu-ray player would be almost instantly ready when you turn it on. Usually you’re only waiting for it to spin up the disc. Read more…
WPA encryption hacked in under a minute!
Computer scientists in Japan say they’ve developed a way to break the WPA encryption system used in wireless routers in about one minute.
The attack gives hackers a way to read encrypted traffic sent between computers and certain types of routers that use the WPA (Wi-Fi Protected Access) encryption system. The attack was developed by Toshihiro Ohigashi of Hiroshima University and Masakatu Morii of Kobe University, who plan to discuss further details at a technical conference set for Sept. 25 in Hiroshima. Last November, security researchers first showed how WPA could be broken, but the Japanese researchers have taken the attack to a new level, according to Dragos Ruiu, organizer of the PacSec security conference where the first WPA hack was demonstrated. “They took this stuff which was fairly theoretical and they’ve made it much more practical,” he said.
The Japanese researchers discuss their attack in a paper presented at the Joint Workshop on Information Security, held in Kaohsiung, Taiwan earlier this month.
The earlier attack, developed by researchers Martin Beck and Erik Tews, worked on a smaller range of WPA devices and took between 12 and 15 minutes to work. Both attacks work only on WPA systems that use the Temporal Key Integrity Protocol (TKIP) algorithm. They do not work on newer WPA 2 devices or on WPA systems that use the stronger Advanced Encryption Standard (AES) algorithm.
The encryption systems used by wireless routers have a long history of security problems. The Wired Equivalent Privacy (WEP) system, introduced in 1997, was cracked just a few years later and is now considered to be completely insecure by security experts. WPA with TKIP “was developed as kind of an interim encryption method as Wi-Fi security was evolving several years ago,” said Kelly Davis-Felner, marketing director with the Wi-Fi Alliance, the industry group that certifies Wi-Fi devices. People should now use WPA 2, she said. Wi-Fi-certified products have had to support WPA 2 since March 2006. “There’s certainly a decent amount of WPA with TKIP out in the installed base today, but a better alternative has been out for a long time,” Davis-Felner said.
Enterprise Wi-Fi networks typically include security software that would detect the type of man-in-the-middle attack described by the Japanese researchers, said Robert Graham, CEO of Errata Security. But the development of the first really practical attack against WPA should give people a reason to dump WPA with TKIP, he said. “It’s not as bad as WEP, but it’s also certainly bad.”
Users can change from TKIP to AES encryption using the administrative interface on many WPA routers.
Neobux-The best PTC site on the internet. By for3v3rforgott3n
Contents At A Glance:
Okay, I understand. Please give me more information about Neobux.
Only 4 advertisements/4 cents a day?! No way I’m joining!
How much does it cost to rent referrals?
Can I lose money? How do I ensure I stay in profit?
Are you sure Neobux isn’t a scam? Can you give me tips on how to tell if a PTC site is a scam?
What other great features does Neobux have that I should know about?
Today I will introduce you to one of the best Pay to Click websites on the internet, Neobux.
Neobux is a innovative PTC website that has already paid $11.5 million to their members (at the time of this post). For the current total payout amount, refer to the image below.
Well , it indicates that Neobux is in fact, NOT a scam. They will not use you to click their advertisements, make money out of it, and not pay you like many of the PTC scams we see around today.
You may be wondering what a PTC website is? Let’s start from the literal meaning. PTC is an acronym for Pay to Click, PTC websites allow advertisers to post their ads for a certain price (the price usually depends on the number of “views” or “impressions” the advertiser desires) and they give YOU, the user, a portion of the payment. Payments are usually around 1 cent per “impression” (everytime you view an ad, you are giving it one “impression”), some sites may pay more or less but it’s generally around 1 cent. The best part? Neobux is absolutely FREE to join. However, make sure you sign up for a Paypal, Alertpay, or Neteller account before you signup as your payment info is required upon registration.
Okay, I understand. Please give me more information about Neobux.
As a standard member (meaning you have not paid to upgrade your membership), you are given 4 advertisements every 24 hours (the time depends on when you first click your ads), and you are paid 1 cent or $0.01 for each advertisement you view. Read more…
SQL injection tutorial by for3v3rforgott3n
Contents At A Glance:
LIMIT, What is it and why do I need to know how to use it?
First of all, if you find that I have written something that is wrong, please address it and I will fix it. I have written this tutorial solely for education purposes, do not contact me regarding anything along the lines of me publishing “full disclosure” information on internet security. I have written this in the hopes that it will not only help educate anyone who is interested in SQL injection, it may also help educate any website owners/coders who are unaware of the risks that they put their company/systems in when leaving a simple issue unattended. This tutorial was written by for3v3rforgott3n at http://for3v3rforgott3n.blogspot.com
First you need to know what makes a site vulnerable to SQL injection before you can find and inject vulnerable sites.
The most common reason that a site is vulnerable to SQL injection attacks is because the owner/coder didn’t use the built in MySQL feature ‘mysql_real_escape_string()‘. The purpose of this function is to sanitize or remove special characters from an SQL query. The most common side-effect is the simple username/password exploit ‘ or ‘1′=’1. Most website administrators today use this function along with stripslashes() or addslashes() to further sanitize the data.
Well since I gave you a very basic reason for why certain sites are vulnerable, we will move on to finding some vulnerable sites to play with.
When talking about finding sites to inject you will hear the term “dork” a lot, what this refers to is a google search term targeted at finding vulnerable websites. A “google dork” uses the built in google functions inurl:, or allinurl: to search for websites that have certain strings in their URL or website address, an example of a google dork is: inurl:index.php?id=1, entering this string into the google search engine would return all of the sites in google’s cache with the string index.php?id=1 in their URL, Ex: http://www.example.com/index.php?id=1
Here is a list of “dorks” to use:
http://sql-injection-tools.blogspot.com/2009/06/dork-sqli-by-shafiq.html
Now that we know what a google dork is we can start finding vulnerable sites. To be vulnerable the site has to have a GET parameter in the URL: index.php?id=1, id=1 being the GET parameter which ‘gets’ the 1 ‘id’ from the SQL database(Understand? Good.)
So you are going to go to http://www.google.com,http://www.blackle.com, or http://www.dogpile.com and search for your selected dork. When you get your list you can start checking for vulnerabilities. To do this the most common way is to add a back-tick after one of the integers in the URL
Example: http://www.example.com/index.php?id=1′
Now there are many ways for a site to show you that it is vulnerable the most common are errors:
You have an error in your SQL SyntaxWarning: mysql_fetch_array():Warning: mysql_fetch_assoc():Warning: mysql_numrows():Warning: mysql_num_rows():Warning: mysql_result():Warning: mysql_preg_match():
If you receive any of these errors when you enter the ‘ after the number then chances are the site is vulnerable to SQL injection attacks to some extent, but that isn’t the only way to see if a site is vulnerable, the biggest overlooked error is when a main part of the site just simply disappears, such as a news article or a body of text on the main site. If this happens then it is likely that the site is vulnerable also.
After you find your vulnerable site the first step you need to take is to find the number of columns in the table that is in use. Read more…
Can't find something?
Vancouver 2010 Winter Olympics-Current Medal Standings
Categories
Posts you must read
- Google Wave-Got your invitation yet?
- The average user’s introduction to SEO-by for3v3rforgott3n
- Computer Startup Time – Current Problems, Future Advancements, and Solutions You Can Consider For Now
- WPA encryption hacked in under a minute!
- Neobux-The best PTC site on the internet. By for3v3rforgott3n