adir1

Lately I use multiple browser, more so than ever, in this order: Google Chrome, Firefox and Internet Explorer 64 bit.

This story unfolded literally few minutes ago, and I believe entire thing happened online within past few hours, at the most.

Some “entrepreneurial” guy registered blizzard-admin.net domain and setup a fake Login page to mimic World of Warcraft in every way possible, all in a classic phishing scheme. But, this time they took it a bit further. As I was catching up on my late night gaming, a direct message came in over from someone called “blizzrdadmin” within a Game, telling me to go to this web site to register for Rare in-game mount.

I think it took me about 2 seconds to report that account as Spammer, and from what Blizzard promised in the past, they review such complaints very seriously, often within minutes of complaining.

And here is where Google Chrome shines – I decided to still check out how clever these “phishers” were, and told my Chrome to show me the site. I was pleasantly surprised when a Warning came up, telling me to Stay Away! Excellent!

And here’s the kicker, neither Firefox nor Internet Explorer, which also contain anti-phishing technology, knew yet that this is a Phishing site! They both took me to the site…

This is just further reinforces my admiration for Chrome and I am sure I will be using it more and more as my primary browser. I don’t recall if I wrote about it before, but I also find Google Chrome under Windows 7 to be by far the fastest of browsers. I believe part of the reason is unique architecture of Chrome, as it creates separate Operating System processes for each Browser Tab or Window.

In unrelated news – I realize I haven’t been blogging much lately, apologies, and will improve!

Share This

As you may have heard from me in the past, I was very impressed with Beta and RC version of Win 7, so I was among the many people preordering a copy when special $50 offer was available for a limited time. In fact, local MicroCenter store offered $40 preorder option at the time, so I jumped onboard. I also decided to use this opportunity to migrate to 64 Bit and fully utilize my 4Gb memory (which I think I will upgrade to 6 GB or more in the future).

Knowing that 64 Bit Vista and Windows 7 RC don’t like my motherboard, I decided to replace that also. So had it shipped just in time for Oct 22 release date, and set out Friday night to rebuild the whole box and install fresh Windows 7 Home Premium 64 Bit. For those who care, here are some components I updated on my PC, via Newegg, of course: P45 Motherboard, nVidia 9600 GSO and 640 GB hard-drive for clean install. I kept other components, including my 4GB memory and my Intel Q6600 quad-core CPU.

It installed without a hitch, besides minor snag where it wouldn’t activate right. During the install, I disconnected my Vista hard-drive, as I didn’t want it to touch that boot loader (it has dual Vista/Ubuntu boot). When I later came to activate Win 7, even with fully licensed Vista right there on the other HD, it complained. Luckily there is simple fix for this bug.

Since I used mainstream components, it seems that 64 Bit drivers was mostly non issue. I had strange issue at first with my Motherboard embedded networking card. It worked, but then stopped. I later found that Windows Update decided to “update” networking driver to OLDER version. Once identified, a simple “rollback driver” button click resolved the problem.

I was happy to discover that Zune software has 64 Bit flavor, and so does iTunes (though it’s only drivers, I think. iTunes itself runs as 32 bit, blah). Steam works great, and this is again why I love steam, as I was easily able to reinstall games I wanted and purchased in the past. World of Warcraft works great also! In fact I saw FASTER FRAMERATES, on what is essentially the same hardware (but 64 Bit and newer drivers, faster HD).

Another HUGE improvement – SILENCE!!! This is both when it runs, the HD is not overused and generally fans are running low also. And Hibernate works GREAT! I can just walk away, it goes to hibernate after 30 minutes and I can just turn it back on when needed, entire resume is under 30 seconds.

I am still installing software and bringing over my documents, etc. I am reluctant to put Office 2007 on, and rather wait for Office 2010 (betas are planned soon?). Did you know that iTunes can sync contacts Directly with Yahoo! Address Book?! And Plaxo can sync directly with Yahoo! Get the picture, folks!?

To summarize, so far – very stable and fast! I am enjoying it!!! I’ll report more in the future!

Share This

I am excited, awestruck, humbled and overall happy and serene, all at once! What brought on these emotions is my first interaction with newest version of Google’s amazing Picasa product. But of course, it’s years of photos in my collection that bring on these wonderful memories, and combined with amazing new technology to present and organize them, is where Picasa really shines.

And Yes, Picasa is FREE, fully featured edition.
Thank You Google!!!!

The latest edition finally brings us Face Recognition, taking this already excellent photo organization and editing program to Whole New High!! I found a spot in Picasa that shows me all my photos in collection, hope you sitting down – 57,975 is the number, occupying 66.1GB space! Yes, that’s almost 58 Thousand Photos!!!

I find tagging experience especially amazing. I tried to start it off with tagging more recent (higher quality, clear faces) photos, and it went back and picked up same people over the years. Including Baby and Childhood photos!!! The mere process of tagging, where it presents the many stages of person, in one quick/easy to navigate view, is spectacular.

Yes, I do have 4-core computer, and it still takes a while to scan all the photos. It does that in the background, or I would recommend tagging few people in recent photos, and let it work overnight if you have a lot of photos.

Another tip is to find Confirm All button on top of Name tagging frame – do a quick scan to see if any need to be excluded (mistakes, especially happen during baby years, or with brothers and sisters, naturally). After that, quick press on Confirm All, and voila! I already have over 1000 faces confirmed and only 16k more to go

The recognition algorithm is really impressive, there were few rare occasions where I wasn’t even sure myself, but computer was right in face recognition!!! Even partial faces like this one here, recognized correctly!!!

There are countless other features, here is a quick run down of major new additions. Charge Forth and download this amazing piece of technology. It is Priceless (aka: Free) and is sure to improve your experience of this living we are all doing.

PS: Maybe I missed it, but I did not see much news about this in main media. Where are CNET or TechCrunch folks, or Scobleizer perhaps? No-one mentions this amazing leap forward, not just in face recognition technology, but in producing this overall package with such Ease of Use and convenience (and I didn’t even touch on massive web sharing options available).

Share This

Word gets around on Internet quickly, but apparently not quickly enough for me. I do recall noticing somewhere a word about small security breach in Wordpress 2.8.2 few days ago, but it wasn’t clear to me that all earlier Wordpress versions were affected, so I did not rush and act right away.

Big mistake, after reading today what happened to Scobleizer (top of Techmeme, so thanks to both for heads up), I rushed to make the most recent backup of my blog and upgrade it to 2.8.4 wordpress. The upgrade itself was quick and painless (as usual with wordpress), and it actually much improved, as auto upgrade of plugins worked flawlessly in this latest edition (haven’t tried full upgrade yet).

I thought I was out of the woods, but reading people’s comments, they mentioned an Admin account, that hackers create for themselves. Not seeing anything in the Users list, I was not worried at first. But then, someone mentioned “hidden” in their comments. So I went to WordPress tables in mySQL and FOUND A HIDDEN ADMIN account created there! Complete, with evidence of crime! The darn trick is as simple as inserting malicious JavaScript which elevated the user to Admin, into their own First Name field!!! I promptly deleted the invader’s account, and hopefully this is the end of that (read below about other things I checked).

I must say I am disappointed with Wordpress security, although it remains the easiest to use and very fast/flexible framework for blog/site. But, haven’t we learned from all SQL injections in the past? Validate Field Lenghts on the Server Side!!! Especially for any input/fields or account registrations that are in World Visible unsecure area!

I know the hack was fixed in 2.8.4, and I haven’t taken the time to review how it was fixed. But, I truly hope this is something they go back and double check elsewhere, as much as possible.

I don’t know if this breach left any other backdoors on my blog, I certainly hope not. Here are some steps I took to review site integrity after following standard Wordpress Upgrade instructions:

• If you do find phantom Admin user in your wp_users table that you don’t recognize, check if that user has wp_user_level of 10 in the wp_usermeta table (same user_id) – Record the offending user_id or IDs (if you have multiple breaches). Promptly remove all records from both tables for that user_id, obviously.
• Review all other tables, especially wp_posts, for found user_id above (called post_author in the wp_posts table). It also helps to review any old posts and check their post_modified field, to check for any recent modifications that you didn’t perform yourself.
• Review your file system for any new files. I presume that you upgrade as per instructions and completely wipe your old wp-admin and wp-include directories before placing new ones there. But, what about wp-content with your Theme, plugins, widgets and uploads? Review these directories as much as possible!
• I have no idea how to review wp_options table and whether anything suspicious may be lurking there – If you have suggestions on this one, post in Comments!

Here are some more links to review from experts and fortify your site as much as possible. Of course, you may also reconsider moving into relative safety and simplicity of hosted blog, such as Wordpress.com and others.

Me, I prefer the “fun” of messing with my own site, and having complete control, seemingly.

UPDATE: Found another older post, but more good suggestions there. For example, I did review my .htaccess file and found it a bit suspicious, so I replaced it. I just forgot to explicitly mention it above. Better stay alert!

UPDATE2: I am still lurking around the Net and reading up on this. Seems that latest vulnerability could also allow someone to reset Admin password of the “default” initial Wordpress account. So, I also took the precaution of resetting that password to something new ASAP. Read up more here.

Share This

Yes, there, I am out in the open now, ready to admit it. For the longest time I’ve been watching Netbooks, saying to myself – it’s really a useless toy, why spend money even?

• Sure you could check your email on the tiny screen, but can you play online video from YouTube or Hulu? Well, not in HD, but works just fine as regular video!
• But surely it can’t even play local MP4 files full screen – Yes it can, aparently!
• But you won’t even be able to play any 3D games or run Vista! Well, 3D games work! I was shocked to discover that even World of Warcraft runs, on minimum settings, of course. Vista I haven’t tried (and don’t recommend to), but Windows 7 (RC) works nicely on this machine!

In fact, I decided to post this from my little Netbook! We picked it up for only $260 before recent family vacation, and it proved to be an integral part of the family during the trip. Sure I was waiting for some real 3D (will nVidia’s Ion platform ever materialize?), but with the trip on the horizon and this great Woot price, decided that this is a worthy investment, for now.

Overall we’ve been really happy. Family mostly used it to visit Facebook and watch online (and offline) videos. Did I mention that our model came with 160GB hard-drive and 6 hr battery life? Two really important characteristics, in my opinion, making it much more than a toy.  My only complaints are 10″ screen (really minimum), and keyboard size (but new 11″ models have bigger keyboard also). Oh, and be sure to always use Full Screen mode on your web browsers (key F11 on most).

In unrelated news, our Internet at home is back! Comcast tech came and delivered, as they say. It’s very fast and stable now, and we are happy. So, to celebrate, enjoy this fun music video! If you are not on Netbook, hop over to YouTube site and watch in HD.

Share This