Book Review: Ghost in the Wires by Kevin Mitnick & Bill Simon

Ghost in the Wires is the memoir of Kevin Mitnick, once labelled America's most wanted hacker. Besides time in jail, he received the unusual punishment of not being allowed to use a computer for eight years.

His life after that term has changed for the better and he is now a Security Consultant who does ethical hacking (implying what he may have done in the past was unethical after insisting throughout the book that he never hacked for financial gain and never did anything "evil"), public speaker, & author. He has been "hired by government agencies like the FAA, the Social Security Administration and - despite my criminal history - an FBI organization, InfraGard" - some of the same agencies whose loopholes he exploited in his hacking "addiction" days.

By his own admission, he has:

• manipulated phone company switches all across America
• got information from the California DMV through social engineering
• committed identity theft several times
• tapped into a FBI informant's phone call
• stole the source code of Sun Microsystem's Solaris
• cloned cell phone numbers, made free calls
• acquired Netcom's customer database that contained more than 20,000 credit card numbers ("but I never attempted to use any of them")
• compromised the security of vulnerability researchers
• ..and much more

Kevin has also authored international bestsellers Art of Intrusion and Art of Deception. During a book promotion in Poland, he understood the reason for his celebrity status there - "if you beat the system, you were considered a hero!". That possibly explains his fan-following around the world as well - most of us love the "little guy" who "fights" big corporations or institutions. He has over 98K followers on Twitter.

This book is good reading (if you can put up with some of the author's bragging) for professionals dealing with information security, software testing and programming in general, to know how the mind of a hacker works.

This book left me with the feeling that while crime pays, computer crime pays better if you know good lawyers.

Read More

TWIL - Week #17

This Week I Learned:

• The normal Web and Business Editions in SQL Database have a limit of 180 concurrent requests. Applications requiring more connections should use a Premium database (Premium Tier for Windows Azure SQL Databases is a new preview feature in the Azure July Update) with an appropriate reservation size to handle the maximum number of needed requests. The July update also introduces ability to perform recurring, fully automated, exports of a SQL Database to a Storage account in the form of a transactionally consistent .bacpac file. #Azure 
• Coursera uses a "very JavaScript-heavy, JavaScript-dependent approach to our frontend architecture". "To keep our JavaScript sane, reusable, and modularized", they chose Backbone.JS MVC framework. 
• You can use this statement in Chrome Developer Tools to view all URLs within a web page (Source: Labnol): urls = $$('a'); for (url in urls) console.log ( urls[url].href ); 
• It is possible to use Visual Studio to deploy HTML/JS website to Linux / Apache 
• Times New Roman font is very frugal with printer ink. Right Choice magazine tests show that they save enough to allow you to print 27% more page than with the popular font Arial. Verdana is one of the most ink-intensive.
• If you have a 100 browser tabs open, your battery life will be about 1 hour shorter. 
• The Bombay Blood Group is an extremely rare ABO group in which the basic protein called H antigen is missing in the red cells. The group is so named because it was discovered 50 years ago at KEM hospital in then Bombay. This group is incompatible with all A, B and O donors In India, not more than 70 people (29 in Mumbai) are eligible to donate this blood #science (Source: Times of India)

Read More

TWIL - Week #16

This Week I Learned:

• $.now() is the shorthand for new Date().getTime(). #jquery
• Pages fetched with POST are never cached, so the cache and ifModified options in jQuery.ajaxSetup() have no effect on these requests. Setting cache to false will only work correctly with HEAD and GET requests. #jquery
• On devices running iOS6 and Safari, POST is also cached. #jquery
• How does Windows detect battery issues? Laptop batteries have a small chip inside that controls/monitors the charging process and also monitors the number of charge/recharge cycles. This chip is factory programmed with information how this sort of battery typically degrades over time. It also can derive information from the charging cycle itself: The time it takes to reach full-charge at a given voltage/current changes when the battery gets worn out. (Voltage drop during discharge is not reliable as it depends a lot on the amount of current drawn while discharging, so it varies with the use-pattern of the laptop.)
• Is meanness the secret sauce of a winning open source project? It might be, according to Linus Torvalds, the guy who’s been running the Linux kernel project for the past 22 years. "On the internet, nobody can hear you being subtle"
• Tip for self-publishers: Amazon is trying to drive down e-book prices by creating an incentive to price the book under $10. Normally, you only get 35% of every book sale but if it’s under $10 then you can get 70% of every sale....The other catch is that you only get 70% if the book is sold to someone within certain countries. For books sold to people outside of that list, you still only get 35%.
• US is the Indian IT industry's largest market contributing to over 50% of revenues #india
• Only about 5% of the country's 850 million mobile users have subscribed to 3G services, which are estimated to account for 3% of mobile revenue of telecom carriers. (Times of India) #india
• The best American exports are not its goods or capital but its small, nifty, universal ideas from garage start-ups to open source that elevates the commons and reduces the dominance of monopolies
• Mosquitoes find their mammalian prey through sensing the heat and carbon dioxide mammals emit. Pregnant women and larger people are sometimes the victim of multiple attacks, since they exert more energy than the average person. Mosquitoes cannot distinguish blood quality. Mosquitoes are attracted to our human odor, and that is largely a consequence of the bacteria on our skin. The "flora and fauna on our skin" also smell appetizing to mosquitoes, and these can increase when we sweat or spend a lot of time outdoors. When the mosquito bites, it leaves behind some of its saliva, a substance that contains anticoagulants and a local anesthetic, among other things. The body recognizes it as a foreign invader and sends histamines in to counterattack. Scratching just spreads the saliva and encourages the release of more antibodies, and more itching—a vicious cycle. Female mosquitoes are driven to bite you as they need a blood meal to complete their reproductive cycle and produce fertile eggs, which takes a huge boost of protein. To reduce the chances of being bitten, wash with an antibacterial soap to reduce the volume of mosquito-attracting bacteria on your skin. (Source: WSJ) #science

Read More

Things to consider before settling on a JavaScript Library or jQuery plugin for your project

In the article, Which JavaScript Library Should I Pick?, Pamela Fox has listed some practical points to consider before you settle on a JavaScript Library (or a jQuery plugin) for your project. Here is a summary check-list based on her article:

* Will it be a good developer experience?
* Well documented
* Flexible
* Responsive community
+ Number of forks
+ Number of issues
+ Vibe on issues
+ External community
* Actively maintained
* Future thinking
* Tested
* Clean code
* Will it be a good user experience?
* File size
* Performance
* Browser support
* Accessibility
* Responsive

To me, good documentation (including samples) and visibility on StackOverflow are the most important factors.

Read More

TWIL - Week #15

This Week I Learned:

• Scott Allen who is a big name in the ASP.NET community & one of the most popular teachers on Pluralsight, the video training website, has made a million from his training courses on Pluralsight. 
• Allan Jardine, the creator of Visual Event bookmarklet has also authored the DataTables jQuery plugin and other JavaScript goodies.  
• Reflector is also a compiler. It translates IL into C#
• VBScript will gradually be retired from Internet Explorer 
• Minified.js is a fully featured client-side JavaScript library and a 4KB alternative to jQuery or MooTools - 
• You can check all the internal Chrome URLs in one place chrome://chrome-urls/ (via Labnol)
• The U.S. leads the world in software developers, with about 3.6 million. India has about 2.75 million. But by 2018, India will have 5.2 million developers, a nearly 90% increase, versus 4.5 million in the U.S.
• "I would have been fired a hundred times at a company run by MBAs. But I never went into business to make money. I went into business so that I could do interesting things that hadnt been done before" - Amar Gopal Bose 
• 14% of India's lawmakers (from Lok Sabha & State Assemblies) have serious criminal charges against them. Source: ToI, ADR, National Election Watch 

Read More

HOW TO view both read and unread posts within Feedly

Feedly, the popular Google Reader alternative, shows unread posts only by default, possibly to reduce clutter. This may lead new users to believe that old feeds cannot be retrieved later unless is it "Saved for Later".

It is only when you go to Settings (represented by the cog icon) that you realize that there is a filter called Unread Only that is selected by default which causes only unread posts to be shown. To view both read and unread posts, you will need to un-check this for each category.

Read More

Which LINQ syntax is better?

There are multiple ways to write a LINQ query in C#:

• Use query (comprehension) syntax.
• Use method or Fluent syntax.
• Use a combination of query syntax and method syntax.

So which syntax is better?

MSDN recommends writing most queries using query syntax to create query expressions. The general opinion in this StackOverflow thread seems to be - "it depends".

Read More

TWIL - Week #14

This Week I Learned:

• Chrome DevTools can list the event handlers registered on any element.  Visual Events is a nifty bookmarklet that shows the events attached to each of the elements in a webpage. 
• MiniProfiler is a minimal but very effective tool for .NET and Ruby applications. It's targeted primarily for data access performance problems and supports ADO.NET, Entity Framework, LINQ-to-SQL, and other data access technologies. 
• The size of the Indian e-commerce market last year was estimated to be only between $1-2 billion. These estimates exclude $6-7 billion worth of travel bookings that are made online. Amazon's 2012 revenues were over $61 billion
• Irony - Hewlett-Packard won a Rs 400-crore technology outsourcing contract from public sector lender Corporation Bank, beating India's largest IT firm Tata Consultancy Services and Wipro. The contract is for switching and managing the bank's core-banking software from the current version made by Chennai-based software company Polaris Financial Technology to Finacle, made by Bangalore-based Infosys
• AT&T joins Verizon, T-Mobile, Sprint, Facebook, Google in making money from your usage data (location, web browsing history, etc.) . There is research to show that 87 percent of all Americans could be uniquely identified using only three bits of information: ZIP code, birthdate, and sex, so even anonymization of data may not prevent a privacy breach. 
• Google paid AdBlock Plus to get its ads whitelisted 

Read More