Posts by happygeek

At the moment, the best way to report these kind of PM scams is to PM myself, deceptikon or ~s.o.s~ with a copy of the message recieved and a link to the member profile of the person sending it. We can then investigate and take the appropriate action, which is usually a ban in the case of these PM contact scam merchants.

An investigation by UKFast has revealed that it is possible to build a super-cracker computer for around the same price as your average low-spec budget desktop PC. Yet unlike your average budget PC, it is claimed that this cybercrime dream machine is capable of processing billions of password combinations per second.

Investigators from UKFast built this low budget but high powered password cracker using two readily available graphics cards to provide the firepower necessary to drive the processing of password combos at such an alarmingly fast rate.

Costing less than £400 ($620) this particular machine was built by the security team at UKFast and could crack a 'complex password' of six random alpha-numerical and special characters in under 90 seconds. Bog standard six character passwords were dead in under a second. Obviously, the longer the password so the longer the time to crack becomes providing that you stick to the non-dictionary and mixed alpha-numerical and special character construction method. Jump into the realms of the 15 character truly random password, which is my own personal baseline these days, and to be honest it's hardly worthwhile for the bad guys to bother with.

So why does this machine deserve the title of 'super cracker' then? Well that's simple and twofold: firstly, the vast majority of folk out there do not have long and complex passwords and many sites and services still restrict the maximum length of a password and disallow the use of special characters; secondly, …

Hello, and welcome (again) to DaniWeb!

Responding to a warning about not advertising in posts, with an advert in your post, is not a brilliant start. Same advice applies, please read the rules before continuing. That way you can enjoy the DaniWeb community without falling foul of the rules and the mods.

Welcome - however, having now seen your second post I would seriously suggest you read the rules regarding advertising in DaniWeb forums before you post a third...

yes, a router has it's password to protect from being hack..

Although it should be pointed out that you should always change this ASAP as the generic router defualts can easily be found by doing a simple Google search.

With the London 2012 Olympics due to open in just a few days time, the expected push by the bad guys has started. No, I don't mean the banning of wearing Pepsi T-Shirts in the Olympic Stadium as it might upset official sponsors Coke, or the fact that nobody is allowed to sell chips other than McDonalds or even the undemocratic powers given to law enforcement in the UK to prevent people using certain combinations of 'Olympic-related' words in their advertising. No, as if all that were not bad enough, the bad guys in question are the cyber-criminals looking to exploit the intense interest in the London 2012 event in order to distribute malware and steal data.

It's all too easy to let your guard down and slip up with regards to which links are being clicked when faced with a torrent of information to choose from surrounding an event such as the Olympic Games. The use of London 2012 themed content to distribute data stealing malware is ramping up now, and is perhaps best exampled by those using social media as the distribution channel. Take the as yet un-named, and un-detected by the vast majority of antivirus solutions, Pushbot variant which has been highlighted by a Polish CERT advisory (translated into English here) and uses Facebook, MSN and Skype as the attack vector. Obviously the folk behind this malware are serious about the money making potential it has, with code obfuscation to …

Go virtual, where there are plnety of geeks to hang out with. Hint: you are in the right place right now at Daniweb.

PS. I really don't think that having girlfriends or not has any bearing on geek status. If you have had five girlfriends this year then I would day you need to develop your emotional side a bit more, so that you can enjoy just having one girlfriend that hangs around...

The situation has been explained fully in my piece. Yes it is a true article. Yes six million passwords were leaked. If yours is not amongst them, congratulations. However, just becuase 'nothing has changed' does not mean your password was not compromised and I would still recommend that you change it as a matter of course.

The results from what is claimed to be the most comprehensive global online job trends survey, the 'Fast 50' Q2 2012 report took data from 190,000 online job postings as an indicator of the global online employment economy. Some of the findings are surprising to say the least, such as how the Facebook IPO fiasco has impacted negatively upon employment within the social media sector and why Apple is leaving Android in its dust.

The Facebook IPO 'fizzer' has seen Facebook related jobs fall by 14% in the quarter, and Freelancer.co.uk (the authors of the Fast 50 report) reckon this is entirely down to advertisers and social media experts questioning the effectiveness and return on investment of social media advertising. With Fortune 500 companies either pulling or contemplating pulling big ticket advertising following bad publicity surrounding the Facebook IPO, social media as a whole has suffered. Twitter jobs, for example, dropped by 1.3% and social media jobs across the board surprisingly stalled at 1.1% growth. A Forrester analyst, Nate Elliot, reckons that "companies in industries from consumer electronics to financial services tell us they're no longer sure Facebook is the best place to dedicate their social marketing budget" which must come as a shock to anyone when you consider just how dominant Facebook is within the rapid growth social media market sector.

But the stalling of social media job prospects and the decline in Facebook specific jobs are not the only surprise to emerge from …

Welcome back then :)

I don't think you really meant to post that as a comment to my news story, did you? :)

It's not often that Microsoft recommends that Windows users should disable a much hyped part of the OS, but that's exactly what has happened regarding the Windows Sidebar and Windows Gadgets found in Windows Vista and Windows 7. Microsoft Security Advisory 2719662 clearly states "Disabling the Windows Sidebar and Gadgets can help protect customers from vulnerabilities that involve the execution of arbitrary code by the Windows Sidebar when running insecure Gadgets" and Microsoft even provides a handy Fix-It tool to do the job for you. So what's all the fuss about, all of a sudden?

Well the simple answer is either 'Black Hat 2012' or "Gadgets have always been insecure but now someone has actually noticed the fact". The someone in question being Israeli security researcher Mickey Shkatov and infosec professional Toby Kohlenberg who are planning to reveal just how insecure the whole Windows Gadget Platform actually is on July 26th at Black Hat USA in a briefing aptly entitled 'We have you by the Gadgets'.

The briefing promises to reveal "a number of number of interesting attack vectors that are interesting to explore and take advantage of" as part of their "research into creating malicious gadgets, misappropriating legitimate gadgets" and "the sorts of flaws we have found in published gadgets". Microsoft notes that gadgets installed from untrusted sources can "harm your computer and can access your computer's files" and perhaps importantly change their behavior at any time so …

If the news that the Yahoo! Contributor Network user-generated content site has been breached and more than 450,000 usernames and passwords compromised as a result wasn't bad enough, look behind yesterdays headlines and the situation is revealed to be much, much worse. If you were one of those folk who signed into the Yahoo! Contributor Network with your Gmail or Hotmail credentials, then those accounts are also obviously now compromised.

The D33Ds Co hacker collective has published a file containing all the login data from the breach, which appears to have been as simple as the most basic of SQL injection exploits. No, seriously: Yahoo! (one of the biggest Internet brands on the planet) appears to have fallen victim to one of the easiest of all security vulnerabilities to defend against.

If that wasn't bad enough, the login data of paired usernames and passwords also appear to have not been encrypted and just sat there on the database in plain text format. At least the LinkedIn breached passwords were hashed, if not salted, whereas Yahoo! apparently couldn't even be bothered with basic encryption of any kind.

It's not even that Yahoo! can blame the Associated Content site that it acquired for $100 million and turned into the Yahoo! Contributor Network for the lax security measures. That acquisition was two years ago now, plenty of time for Yahoo! to have sewn it up tight. The statement from Yahoo! that "we take security very seriously …

Ah, but the whole e-ink thing is irrelevant if the iPad Mini is competing with the Kindle Fire which also has no e-ink.

Forget iBooks, it's a dead duck in this argument. Apart from a few magazines, everything I buy and read on my iPad is via the Kindle Store and the Kindle App.

Forget the free 3G red herring as well, the point is that if you are buying an iPad Mini then you will have connectivity (I've got great all I can eat data via Three on my ipad as well as WiFi) and what you are actually getting 'for free' is the eBook reader itself. I doubt anyone will buy an iPad Mini just to read books, but if it is priced the same as the Kindle Fire and does a whole lot more a whole lot better, why would anyone in the market for that particualr device not buy the iPad Mini instead?

A week may be a long time in politics, but 18 months is an absolute aeon as far as computing is concerned. Back in October 2010 here at DaniWeb I was posing the question of whether the newest Amazon Kindle could be an iPad killer and came to the almost inevitable conclusion that as far as reading books was concerned, then yes it was. Soon that boot could be on the other foot with ongoing rumours that an iPad Mini will be on sale in time for the seasonal rush at year end, backed up by what are claimed to be 'engineering prototype sample' photos published this week. Can the iPad Mini actually be a Kindle Fire killer?

The iPad Mini would, if the rumour machine and those leaked prototype photos prove to be genuine, measure around 213mm x 143mm, compared with 185mm x 241mm for the iPad 3. With a 7.85" display and an expected price tag in the $200 to $300 ballpark, the iPad Mini would not only be competing with Google Nexus 7 but perhaps more pertinently as far as this article is concerned, also with the Amazon Kindle Fire. At this price point don't expect too many bells and whistles, so no high definition retina display for starters and both the camera count and storage capacities are likely to suffer as well when compared with the iPads we have today.

Why would Apple even consider such a …

Dani, Google Labs is one of the things that Google has closed so don't expect too much innovation from there in future...

we’ve decided to wind down Google Labs. While we’ve learned a huge amount by launching very early prototypes in Labs, we believe that greater focus is crucial if we’re to make the most of the extraordinary opportunities ahead. In many cases, this will mean ending Labs experiments—in others we’ll incorporate Labs products and technologies into different product areas. we don't have any plans to change in-product experimentation channels like Gmail Labs or Maps Labs. We'll continue to experiment with new features in each of our products

Bill Coughran, SVP for Research and Systems Infrastructure at Google, July 20, 2011.

Of course, before anyone even considers using a 'buy followers' site, no matter how the site in question tarts it up that's essentially the service most are offering, you should first consider that doing so is in breach of the Twitter terms and conditions and you face having your account suspended as a result. Hardly the best marketing strategy on the planet then...

As AD says, I think the best legal advice would be to go see a lawyer if you want the best legal advice.

A cup of freshly brewed espresso and a banana; the perfect breakfast or what?

What do you mean? The article explains what happened. Hopefully everyone has changed their LinkedIn password as a matter of course, whether theirs was 'leaked out' or not. As for LinkedIn itself, it has been implementing a long overdue change to salted hashes for member passwords.

If I am bored I work. When I am bored of work I read. When I am bored of reading I listen to music. If I am bored of listening to music I am usually asleep...

Welcome back it is then :)

@Jim: thanks, I do my best to make them both varied and interesting to appeal to as many folk as possible.

@Dani: no sign of the newsletter here either yet, was going to PM you today about it funnily enough.

Welcome to DaniWeb Mike, here's hoping that we can help you in your journey.

I've noticed the cursor placing being off during editing as well Walt.

UPDATE: Read what Acronis 'Chief Customer Officer' Ed Benack told DaniWeb late on Sunday about the cause of the leak here.

Acronis responds to DaniWeb questions regarding a leak of customer data which, as we exclusively reported over the weekend, resulted in some information being indexed by search engines and accessible to anyone on the Internet.

Although the leak itself was identified by Acronis on Friday 29th June, the email informing those customers whose data was included in the spreadsheet that ended up exposed only went out late in the day on Friday 6th July. DaniWeb itself was only made aware of the problem, by one of those customers, on Saturday morning. As a result, contacting someone at Acronis for an official comment regarding the incident proved a little tricky. However, Acronis did swing into action and the relevant people were tracked down in order to provide that comment which arrived very late in the day (well, night here in the UK) on Sunday.

Here's what Ed Benack, Chief Customer Officer at Acronis Customer Central told DaniWeb about what actually happened:

"We have a strict content management policy that applies different access rights to our Knowledge Base, depending on content – for example, some may be Partner only, some may be Customer only. For reasons we are still investigating, the access control list reset to the default setting, making all content visible, temporarily. The vast majority of this content in the Knowledge Base is not sensitive or confidential, however it did contain an older spreadsheet listing just the email addresses of customers who …

For general forum purposes, I fail to see how views when applied to requests for help etc are of any practical use. Does it matter if 1000 people have read the question if nobody has answered it? Likewise, does it matter if only one person has read it if that person has answered it accurately and to the satisfaction of the OP?

That's interesting Dani, as much has been made of Facebook's adoption of (and devlopment hand in) NoSQL over the last few years. NoSQL bandwagon marketing hype more than practical reality then?

Ouch! That one is definately spot on, Rev...

Facebook uses a NoSQL database system rather than SQL for its query language (as do Amazon and Google for example) and these are designed specifically to handle 'Big Data' by scaling across a huge number of machines. You can probably find out more by doing a Google search on Facebook and Cassandra, the NoSQL implementation it developed in-house as a cross between the Google BigTable database and the Amazon Dynamo system.

Good question. Some tweaking of the 'related article weighting' algorithm required methinks.

Equally, this post is giving me a related article suggestion of Signatures which doesn't seem that related either.

All that said, I've found that more often than not the related artcile suggestions are, indeed, related in some reasonable way - at least in my exeprience so far.

Ah. I just see that you posted another message in this forum explaining you are looking for a mentor in C++, well you have probably come to the right place for that as we have plenty of C++ experts who are happy to help out with specific problems you have and guide you in the right direction.

Hi Paolo, welcome to DaniWeb. May I ask what brought you to our community, and what you think of us so far?

In the UK you have little choice but to see an optician for your eye tests, unless you have a diagnosed condition that means you are under the care of an eye clinic at the hospital that is.

Recently we have all become somewhat over-exposed to the leaking of customer data courtesy of inadequate security allowing hackers to gain access to databases. The LinkedIn LeakedOut leak and eHarmony dating data disaster are good examples of the genre. However, let's not forget that sometimes no hackers are required to make a security and privacy slip up. Sometimes the in-house folk are all that is required to kick-start an embarrassing data leak. And that's what appears to have just happened to an undisclosed number of Acronis customers who have been sent emails informing them that "a spreadsheet containing a few email addresses and upgrade serial numbers" had been indexed by search engines.

One customer who received the email from Acronis, a company which provides data backup software and services, was Mike Hall who called the fact that it still included a default signature stating that "Acronis does not supply customer information to any third party" to be something of an epic fail in the circumstances.

The email, which went out yesterday afternoon, and is signed by Ed Benack, Chief Customer Officer, Acronis Customer Central, blames an unspecified 'technical issue' for allowing a spreadsheet containing emails and upgrade serial numbers to be "indexed by the search engine" and assuring them that no additional data was leaked which could identify individual Acronis customer accounts or put them at risk of breach. Indeed, the email insists that the spreadsheet concerned was only searched for …

Yep, the possibilities are endless. Unfortunately.

I guess they could use the same technique to pose as a Credit Card house and suggest that you dial the number on the back of your card to confirm they are who they say they are?

As far as I am aware, it's a pretty UK-specific (not sure how other countries handle call termination, although I understand in the US either party can terminate immediately) and landline-specific thing. May well be network-specific as well. My mother is with BT, and currently listed in the phone directory. I've told her to go ex-directory immediately although that won't make much difference until the next new lot of phone directories are printed.

As a three times winner of the IT Security Journalist of the Year award in the UK, I am used to writing about all kinds of scams. Whilst most of them try and weasel their way into the bank accounts of the victim through purely online means, increasingly the bad guys are turning to 'old school' conman trickery via the telephone. The most common of these in recent years has probably been the rogue antivirus Microsoft support call (using remote access to your PC to install malware and then charge you to supposedly remove it) followed more recently by the credit card bank fraud team call. But now there's a new twist: the dial 999 scam.

My mother is eighty years old and not in the best of health, having been diagnosed with heart failure. She is, however, as sharp as a tack mentally. What's more, being my mum, she has perhaps a better understanding of IT scams than most people of her age. Which is why I was somewhat surprised to get a phone call from her yesterday evening recounting how she had almost fallen victim to a scammer. The keyword being 'almost' as no information was revealed to the scammer that would enable her bank account to be pillaged. Thankfully, some of the advice I have given her over the years stuck. That said, this particular scam implements some new tricks that are new to both me and the police officers who visited …

As someone who has lots of current experience with vision loss (I don't wear this eye patch for fashion reasons me hearties) I would agree with The Rev. I have great respect for opticians, mine got me an emergency appointment with the consultant opthalmologist when I saw him thanks to a sudden deterioration in vision and thanks to that my Wet Macular Degeneration was diagnosed and the eyeball injection treatment started the same day, but he will readily admit that he's 'not an eye doctor' and the opthalmologist is the person to see for medical advice.

Since last fall, Google has either closed down or combined more than 30 different products. If you thought that was the end of the axe wielding, think again: another bunch of Google technologies are to bite the dust.

According to the General Manager of Global Enterprise Search at Google, Matt Eichner, the closures are part of a streamlining process that will enable Google to "focus on creating beautiful technology that will improve people’s lives" by ensuring the company remains focussed so as to prevent it from ending up "doing too much and not having the impact we strive for".

So, what's being killed off by Google now? Here's the full list:

Google Mini

First introduced in 2005, Google described this as offering "the simplicity and power of Google's enterprise search technology at a great price" via an integrated hardware and software plug-and-play solution. Eichner admits that the Google Mini has been an important part of the Enterprise Search product line, but has confirmed that it will be discontinued as from July 31st due to the same functionality being better provided by the Google Search Appliance, Google Site Search and Google Commerce Search.

Google Talk Chatback

A simple tool that enabled you to embed a 'chat badge' into your site so that visitors could chat with you via a Google Talk widget, this was both simple and effective. However, Eichner insists it is outdated and must go. So the service is being switched off. …

I like the trivia/question idea Dani. This could actually be posed in the newsletter one month with a link to a Geeks' Lounge article where members can post their answers, and a selection of the best/funniest published the next. A good way to tie in some member interactivity with the newsletter content.

As editor of the DaniWeb Community Newsletter, I always welcome your feedback as to what I could do better. So, if there's anything you don't like about it, here's your chance to get it off your chest. Likewise, please do let me know what you do like as well of course.

However, the main point of this posting is to ask for your suggestions for new features that you would like to see covered in the newsletter. What's missing that you think would make it a better, more interesting and more useful read for the community?

Indeed, long overdue methinks.

The Google Glass wearable computing 'enhanced reality' project got off the ground this week at the Google I/O Developers Conference in San Francisco earlier this week. Around 6,000 developers were present to see a demonstration of the futuristic technology which integrates a small video-display suspended from the arm of the headset which is worn like a pair of spectacles. Complete with Internet connectivity, a battery in the arm and the ability to change the perspective of the video stream as you move your head, the Google Glass prototype is no heavier than a standard pair of sunglasses and just as comfortable to wear.

The good news is that Google Glass is no pie in the sky vapourware project. The proof of that came when the pre-order books for the Google Glass Explorer Edition were opened at the conference to enable developers to start creating applications for the device as soon as possible.

The bad news is that those developers who do pre-order, and at the time of writing it is thought that in excess of a thousand have done just that, will have to wait until next year to get their hands on the prototype device. What's more, it will cost them $1500.

The worse news is that if you are a developer who wants to get a heads-up on the heads-up wearable computing revolution that Google Glass could just kick-start, then you are most probably out of luck. Unless, that is, you were …

it's going to be hard to judge. I wouldn't want to anyway

Oh, but that's the beauty of it: you can judge it, along with every and any other member of the DaniWeb community.

Personally, I like it. Very helpful when editing news and review articles to be able to see the layout etc before I hit the publish button.

So a yay from me, but with the nay proviso that maybe making it toggle on and offable wouldn't be a bad compromise idea for those who hate it?

Glad you like it, and good to have you both back!

And I guess I will close this thread again seeing as the time travel spammers have woken up...