Goodbye Click

I wanted to put some ads on my site to help out a friend. However the ad program does not allow you to put ads on sites featuring hacking. Ouch. So I cleaned up my house (blog) a little bit. Got rid of the blatant post titles referencing hacking. Just did a little renaming.

The hard part was that I had to delete my first couple posts that were about my old Click program. That little prog had nothing but evil intentions. So it had to go. I left all the other programs up on my blog. They all have legitimate purposes. They can still be used for evil. But none of the remaining ones are inherently or specifically for hacking.

I find that most of the programs I write are to solve a certain personal need. For example I am working on a custom program right now that quickly backs up my PC. It concentrates on the most important data files and software configuration. Now I need to do a lot more testing before I post an alpha or beta version here. You don't want to mess around with backup software unless it is pretty solid. However this program has nothing to do with hacking. It has a lot to do with the technical side of Microsoft Windows. And I think that is good stuff. Expect more of the same here on my blog in the future.

AVG Ownage

Recently I have been having some problems with my Windows machine. I suspect some type of virus is acting up and causing erratic results. So I was interested to read a recent article on malware. The author said he tested out some web sites on the Internet that try to trick the user into downloading some bad code to their computer. The author said he used AVG antivirus software to detect and remove the malware. So I thought I would give AVG a try for my own computer problems.

I was a little disappointed that the AVG web site did not seem clear on how to get the free version. It kept trying to get me to pay $4.95 to buy a copy. Now if AVG could actually correct my Windows problem, I would be happy to pay them a lot more than 55 bucks. But I needed the proof first. I thought I got to the place on the AVG web site where I could get the free edition of the software. However it turns out it was just a trial version of the software. I figured that would help me determine whether the software could resolve my problems.

The AVG antivirus install program was a huge download. And I have a high speed broadband connection. However I still had to wait a long time for the download to complete. When I installed the program, it immediately found some problems. I chose the option to fix these problems as a power user. But I was a bit disturbed that AVG warned me that this might cause the computer to go into an unstable state. WTF? I proceeded anyway. Then I got really annoyed when AVG kept popping up windows asking me if I wanted to fix the same problem over and over again. This pop up could not be closed with the normal Windows close button. Is this a virus removal program or an actual virus program I had just downloaded?

Finally I chose to actually run a virus scan. It detected a couple problems that looked promising. Then AVG told me I needed to reboot my machine. I accepted this action. However on reboot, Windows said it could not find my profile. It loaded the default profile for my computer. Oh no! All my desktop items were gone. So were my Internet Explorer favorites. I was in a panic state. So I immediately uninstalled AVG antivirus from my system. Luckily another reboot got my profile back. Here are some lessons I learned:
  • Back up your files
  • Do not store anything on the Windows desktop
  • Do not use AVG antivirus software

I thought I heard somebody say AVG is one of the common antivirus programs. From my first experience, I cannot imagine anybody putting up with their poor web site and software with loads of problems. I almost got owned by AVG. Do not do the same.

Computer Virus Infection

Lately I have been getting a strange popup on my Windows machine. The dialog says “Error: Runtime error 216 at 7C9105F8”. It is annoying since it becomes the top window when it pops up. So I will be typing in another window, and this error will pop up and grab the focus. The other day this was happening every minute or so. What am I supposed to do? I tried to do a Google search on the exact error. However the only hits I get say I should run an up to date antivirus program on it.

So I install a copy of McAfee VirusScan that I have. Then I immediately update the software to get the latest virus definitions and patches from McAfee. As soon as McAfee starts up, it keeps giving me warning messages about e-mail problems. That is strange since I am not even running my Microsoft Outlook. I take a look at the McAfee e-mail problem log that the software has been collecting. That’s when it hits me. I got some spam software installed on my machine. And the darn thing is sending out spam e-mails as if they were coming from me.

The funny thing about all this is the topic of the spam messages that the rogue software is trying to send from my machine:

  • Q1a: Wicked meds
  • Don’t you wanna be horny again?
  • Man is a Man!
  • Z4: Unsure and hesitating?
  • You will feel confident in sex
  • Keeping the male problem to yourself?

LOL! This is tragic but still very funny. So I chose to let McAfee find and disinfect all the viruses it can find. The bad thing is that McAfee is really slow. It seems to weigh down my system. After it found all these problems and eliminated them, I still got the original error message that caused me to seek help in the first place. Darn McAfee. At least it does not happen as frequently. Maybe McAfee did rid me of other problem software running on my machine. But I don’t care about that. I removed McAfee from my system.

Does anybody have any advice on how to combat the Runtime error 216? I really want to know.

Viral Avril

Last night I checked out the “Girlfriend Gets to #1 With Viral Marketing” post on the VOLTAGEblog. The headline was that the spot for the #1 video of all time on YouTube got hacked. Currently “Girlfriend” by Avril Lavigne holds the number one spot. Here is a link to the video: http://www.youtube.com/watch?v=cQ25-glGRzI

There is a good story behind how the video got to #1 of all time. Previously another video held the title for a couple years. Then the fansite Avril Bandaids launched an application that was rumored to make Girlfriend the #1 video. The goal of this application was to reload the video every 15 seconds. In that way, the small base of fansite members could run the application all day long.

YouTube already caps the number of video views that count at 200 per day. Even if the fansite had a lot of members, launching the app and running it all day would have little effect on the position of the video in the rankings. The real scoop was that the press got wind of the idea that this fansite was hacking the YouTube rankings. As a result, people heard about the hacking and decided to take a look at the Girlfriend video. It was these users that catapulted the video to the top.

The genius behind this effort was that Avril Bandaids had this viral effect in mind all along. They did not plan for their users to make a dent in the video rankings. In the last few months there were around 100 million views of the video on YouTube. The fansite members maybe contributed about 100 thousand of these views. The fansite members' work itself had no material effect on the outcome. The viral marketing ruled the day. And that is what I call a true hack.

XML at Learning Tree

I have been very busy this week. I was enrolled in a class on XML at Learning Tree International. The official course number was 542. And its true title was "XML: A Comprehensive Hands-On Introduction".

To tell the truth, the class was not all that great. I say that considering that the price of the course is $2650. Part of the problem was that our particular instructor was not stellar. This may not be indicative of the Learning Tree in general. I remember much better instructors in the past. This particular instructor was quite a dictator. And the instructor had trouble answering some of the questions correctly. Previous instructors would note down the few questions they did not know the answer for, and produce a correct and comprehensive answer the next day. Our instructor just guessed, came up with wrong answers, or just stated a lack of knowledge. Weak.

My post is to pass on information about the final exam in the class. There were at least 3 different versions of the exam. However I presume they had the same questions, but asked in different orders. I cannot give you the exact questions and answers. However I can share the information you need to know for well over half of the 40 total questions:
  1. XML elements are case sensitive
  2. Text in elements is called PCDATA
  3. The entity for the quote character is &quot;
  4. Processing instructions are for applications parsing the document
  5. Well formed XML elements do not overlap
  6. Namespaces are used to uniquely identify elements/attributes
  7. The namespace name is the URI (e.g. http://black-of-hat.blogspot.com/)
  8. The QName is a prefix (alias) plus local part (e.g. boh:HackedElem)
  9. Elements are better than attributes because they can be duplicated and can have subelements
  10. The DOM (Document Object Model) is language independent
  11. Tree based processing is slow
  12. @name will select the attribute "name" in XPath
  13. XQuery reformats the XML to another XML format
  14. DOM getElementsByTagName function always returns a NodeList
  15. A limitation of DTDs (Document Type Definitions) is that they are not in XML format
  16. The root element in XML Schema is always schema
  17. The XML Schema minOccurs attribute set to 0 means optional
  18. The complex XML Schema type with a required order of contents is "sequence"
  19. XPath expressions starting with a slash are absolute paths
  20. XSL-FO generates PDF format
  21. Web services are platform independent because they use the open XML format for messages
  22. You define SOA (Service Oriented Architecture) services with WSDL
  23. AJAX is the acronym for Asynchronous JavaScript And XML
  24. You can secure XML via HTTPS

I wrote extensively about my class learning experience in my Software Maintenance blog. There I give an introduction to XML. I also write about XML Parsing. I document XPath and XQuery. We covered XML and Databases, and also the DOM. There is also information on XML Schema and XML Schema types. I have a post dedicated to XSL and XSL-FO. Finally I cover SOA and AJAX.

Free Subway Cards

A couple guys wanted to present their findings at DefCon this year. Their presentation was entitled “Anatomy of a Subway Hack”. This was a most interesting topic and presentation. I saw the slides posted from an MIT web site. Let me first give respect to the original authors Russell Ryan, Zack Anderson, and Alessandro Chiesa. Their paper reviewed many ways that the Boston Metro was vulnerable to easy hacking. I thought I would review some of their findings here in the interests of spreading the high level ideas.

These guys found the physical security of the Boston Metro to be weak. They had photos of computer screens which were easily visible to them. They also had photos of times when absolutely nobody was manning the metro surveillance center. These guys had found that metro employees would carelessly leave their IDs lying around. They also reported that many of the metro security uniforms could be purchased on eBay.

Then the presentation focused on the data stored on a fare card. They determined this by reverse engineering some test fare cards they purchased. This was done with hardware costing a couple hundred dollars. There were a lot of fields stored in the fare card magnetic strip. The ones of interest to me were the ticket number, ticket type, dollar value, number of uses, and the check sum. That list alone sheds a lot of light on the fare card data.

Now on to some other weaknesses discovered by the boys. The fiber network switches that connected the fare card vending machines to the network were in an unlocked room. They had one word on how to make use of these switches: Wireshark. LOL. The guys went on to build a “warcart” that had all the hardware needed to hack the Boston subway. They reported that the police discovered them and they had to retreat. No big deal for that.

Recently I heard that a court is blocking these guys from presenting their information at DefCon. Groups are coming to their rescue citing First Amendment rights. I do not know the outcome of the case. I do know that these guys have seriously done their homework on hacking the metro system. I suspect they have a lot of money on their fare cards at the moment.

Revenge

On vacation I went to a military surplus store. Of all things it was named Top Gun. They had an interesting book section there. I came across "The Revenge Book" by Bob Smith. This is an oldie but goodie on how to get even with some jerks. It was a used copy of the book. Now get this. The book retailed for $6. But it was being sold for $17. Who knows? Maybe it was an out of print book or something. I ended up getting a big picture of a Vietnam helicopter instead.

When I got home, I looked the book up on Amazon. There were a lot of copies for sale. I chose a used copy. One seller in Amazon marketplace was offering a used copy of the book for 13 cents. I placed my order immediately. The book came in less than a week. Thanks greatbuybooks.

Now this book is only 81 pages long. But it has precious ideas on dirty deeds. Some of the ideas you could think about. Others are plain evil and would never have crossed my mind. Here is a short excerpt:

Call the victim's toughest neighbor. Tell him you work down at the local bar (or restaurant or garage) and that the victim has been down there badmouthing him

If you know of a specific squabble between victim and neighbor, say the victim was discussing that when he made his uncomplimentary remarks. Tell the neighbor you didn't really want to get involved, "But I don't think anybody should be talked about the way he talked about you..."

Bobby Fischer

Have you ever heard of Bobby Fischer? I bet you have. He was the only American to ever win the World Chess Championship. He started out as a chess prodigy when he was young. And he quickly became a grandmaster. This guy was not a programmer. But I think he would qualify as a hacker of the highest level. I am writing this blog post because I just found out that Bobby died this past January. I guess I was working too hard to be paying attention to non-computer news such as this.

Fischer achieved his World Chess Championship win back in the early 1970’s. He conquered Spassky for the title in Iceland. However when it came time for him to defend his title, he was unable to achieve consensus with FIDE (the organization that runs the competition). So he forfeited his title to Karpov. However Bobby claimed that he was still the world champion. He states that he only relinquished his title back to FIDE.

Many people consider Bobby Fischer the greatest chess player of all time. Others definitely rank him in the top three ever. I used to play a lot of chess online in Yahoo Games. It would always crack me up when people would log on with names like Bfisher. Usually these were the bozos that sucked at chess. I would give them a hard time too. It was not like I was a chess master. However it was inappropriate to masquerade as Fischer if you were not top notch. Back in 1977, Fischer played three games against an MIT chess computer program. He totally owned the computer, beating it 3 games to 0.

Twenty years after winning the World Chess Championship, Fischer and Spassky had a rematch in Yugoslavia. The United States had an embargo against that country at the time which included matches like this. Fischer proceeded with the match anyway. This got him in trouble with the law. Eventually Fischer was detained in Japan. He called on the country of Iceland (where he first won the title) to grant him citizenship. They eventually agreed and he was released to Iceland.

Fischer remained in Iceland until his death this year. There is a lot more to his story than can be revealed in a short post such as this. I encourage you to buy a book or two on this great chess hacker. Bobby, wherever you are, my black hat is off to you buddy.

Port Knocker

I read an article somewhere about a new security practice known as port knocking. It sounded like a smart idea. Its goal is to make it difficult for TCP/IP port scanners to detect which ports are active on a given machine. The technique is for the machine to initially respond to requests as if all network ports were closed. That way hackers that are doing scans assume the machine is tight and move on to another machine. However the machine is trained to look for a certain order of port checking, and when the correct sequence is followed, to open up a specific port.

For example, the machine may be configured to look for checks on ports 1200, 2556, and 10780. When that sequence is followed, the machine will report those ports as being closed. However it would then open a port such as 3995 to the requester of the previous three ports. This seems to be quite a scheme.

There are a good number of ports (65536?). That alone is not the number that counts though. The possible attempts that need to be tried grow astronomically when you consider that the system is looking for a specific set of port access attempts in the correct order. I will confess that I do not know the math to compute the total number of attempts that this space would include. But my guess is that it would be on the order of 65536 factorial. I think that qualifies as being secure.

The only drawback I might imagine from this technique is if a malicious entity is scanning other network traffic that arrives at the machine. Then a smart program may be able to decipher the combination of port knocks required to open up a given port. At that point the security would be compromised. This may be a question I need to pose to the inventors of the port knocking algorithm. However I still think this is a great invention which rides on top of something that currently exists.
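
A simulation of the knock-tracking logic described above, added here as an illustration; it is not code from the article the post mentions or from any port-knocking tool. The ports are the ones from the post, while the 10-second window, the reset-on-wrong-port rule and the sample traffic are assumptions constructed for the example.

```python
"""Port-knock tracker simulation (added example; constructed data only)."""

KNOCK_SEQUENCE = (1200, 2556, 10780)   # knock ports from the post's example
PROTECTED_PORT = 3995                  # port the post opens after the knock
TOTAL_PORTS = 65536


def sequence_space(length, ports=TOTAL_PORTS):
    """Ordered knock sequences of `length` ports, repeats allowed."""
    return ports ** length


class KnockTracker:
    def __init__(self, sequence=KNOCK_SEQUENCE, protected_port=PROTECTED_PORT,
                 window=10.0, strict=True):
        self.sequence = tuple(sequence)
        self.protected_port = protected_port
        self.window = window      # assumed: seconds allowed for a full knock
        self.strict = strict      # assumed: a wrong port resets progress
        self.progress = {}        # src -> (next index, time of first knock)
        self.allowed = set()      # sources the protected port is open for

    def observe(self, ts, src, port):
        """Process one connection attempt; return what the sender sees."""
        if port == self.protected_port:
            return "open" if src in self.allowed else "closed"
        idx, started = self.progress.get(src, (0, ts))
        if idx and ts - started > self.window:
            idx, started = 0, ts              # knock took too long: start over
        if port == self.sequence[idx]:
            idx += 1
        elif self.strict:
            # Wrong port: discard progress, unless it begins a fresh attempt.
            idx, started = (1 if port == self.sequence[0] else 0), ts
        if idx == len(self.sequence):
            self.allowed.add(src)
            idx = 0
        if idx:
            self.progress[src] = (idx, started)
        else:
            self.progress.pop(src, None)
        return "closed"                       # knock ports never look open


def replay(tracker, events):
    """Feed (ts, src, port) tuples to the tracker; return the verdicts."""
    return [tracker.observe(ts, src, port) for ts, src, port in events]


def sweep(src, last_port=11000, step=0.0001):
    """Constructed traffic: one source probing ports 1..last_port in order."""
    return [(p * step, src, p) for p in range(1, last_port + 1)]


# Constructed sample traffic (documentation addresses, not real hosts).
CLIENT, STRANGER, SLOW, SCANNER = ("203.0.113.10", "198.51.100.7",
                                   "203.0.113.99", "192.0.2.50")
EVENTS = [
    (0.0, CLIENT, 1200), (1.0, CLIENT, 2556), (2.0, CLIENT, 10780),
    (3.0, CLIENT, 3995),       # correct knock, then connect
    (3.5, STRANGER, 3995),     # no knock at all
    (4.0, SLOW, 1200), (5.0, SLOW, 2556), (30.0, SLOW, 10780),
    (31.0, SLOW, 3995),        # right order, but outside the window
]

if __name__ == "__main__":
    print("3-knock sequences:", sequence_space(3))
    print(replay(KnockTracker(), EVENTS))
    for strict in (True, False):
        t = KnockTracker(strict=strict)
        replay(t, sweep(SCANNER))
        print("strict" if strict else "lenient",
              "tracker opened for scanner:", SCANNER in t.allowed)
```

Because the post's example ports happen to be in ascending order, a tracker that ignores intervening probes opens up for a plain ascending scan, which is why the reset on a wrong port matters. The tracker keys only on source address and port order, so the knock is a fixed secret sent in the clear, which is the drawback raised above.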

Reword Example

In my last post I released an early edition of my Reword program. And I promised an example so here it is. I took the text from a blog post entitled Printing Problems. Then I ran this input text through Reword. I will confess that it took a long time for the program to process these couple hundred words of input. When it was done, it produced the following gibberish. But hey. Some of the output text is funny, don't you think?

betimes I dip into books about female crumb com that I dearth to acquire à la mode the future. Since I am an advanced coach altruistic about guy, I alike to copy abroad the tome data so I container contemplation at them about article later. although I hold constitute that female has problems issue the tome fine print mesh pages. I commonly acquirement a abyss sheet when I crack to copy an female mesh page. betimes I acquirement a fancy-free sheet which is piece about an advertisement. I little am capable to copy abroad the tome information. So I recourse to copying the mesh announce to a Microsoft saying document. Then I copy the saying bill to acquirement the information.


actually since female is such a considerable company, I am certain they apprehend active this problem. mayhap this is divers separate about blueprint to coercion me to acquire the tome accurate away. alternative mayhap they acquit denial dearth me to copy the info also depart to a insular bricks also mortar tome store. Whatever the reason, I doubt this abnormality does denial adversely force their sales. It ability flat aggrandizement sales. besides I appropriate acquit denial alike it. I academic I could bang the hornets' nest to Amazon. besides assuming this issue hornets' nest is accomplished along design, I ability crack to bonanza a avenue to amerce Amazon. I could box office my incorporated elsewhere. auspicious for Amazon, the ease about the ceremonial from them is adroit good.


I dearth to box office these bum experiences to heart. The software I factory about should never act alike this. assuming you fourth estate print, I would dearth my software to accurately copy what the user sees alternative expects. actually my project’s software entourage is buyer server. So it may breathe easier to guaranty success. besides that is denial to articulate that we discretion denial drift to the mesh erstwhile à la mode the future. At that acicula I discretion dearth to assure my users issue experiences are good. It is optimal to breathe a buyer earliest so you container altruistic the afflictive from problems. That makes you a motivated aid developer.


So away I container bethink divers problems when our buyer does printing. Mostly they chew on about discharge issues. betimes printouts acquit denial demonstrate elate also box office a age to reset antecedent the users container crack to copy again. I cerebrate it may breathe period to accrue elate my sleeve also acquirement to factory about our acknowledge issue problems. I acquit denial dearth to breathe the kettle appellation female crumb com black. To acquit so would breathe hypocrisy.

Reword Version 1.0 Released

It has been a while since I released any software on my blog. So here is a beta version of my Reword program. This program shall take a text file, and generate an output file which "rewords" the text. It does this by locating a synonym for each word in the input file. For now the input file must be named "in.txt" and be in the same directory as the Reword program. The output file is always named "out.txt".

Here are some big limitations with the program:
  • It is painfully slow
  • The resulting text is hard to read
  • You cannot choose the input and output filenames

Here are some minor issues with the program:

  • You cannot easily exit while it is rewording
  • It does not keep capitalization
  • It also loses punctuation

The major improvement would be to make this program run faster. The program actually goes out to an online thesaurus for each word in the input file. This is the slow part. I figure I could continue to go to the online thesaurus. But there is no reason why the program needs to do this one word at a time. I could look up all the words in each sentence at the same time. This could easily give a 10 times speed increase.

I initially had another idea. I could build the thesaurus into the program. This would make the program run ultra fast. However the program size would become huge. So I did not want to do that. Let me know what you think. I will follow up with another post showing an example of Reword output. I have found that the program is able to reword almost 50% of the words in the input file.

Netflix Throttling

I subscribe to the "3 at a time" Netflix membership. You can rent 3 DVDs at any time. When you return the DVDs, Netflix is supposed to send you more. My plan allows me to rent as many DVDs per month as I want. The only catch is supposed to be that I can have at most 3 out at any time.

So one would think that I should watch the DVDs as soon as possible and return them. That way I will get more DVDs per month. Obviously this will cost Netflix more even though I pay the same fixed cost per month. In response it seems that Netflix artificially delays shipment of my DVDs when I watch and return them too fast. Other Netflix subscribers have noticed this phenomenon as well. It is called throttling.

What is a hacker to do? Well I want to try and game the throttling system. I want to convince Netflix that I am not returning the DVDs too soon. My first idea is to stagger the return of my DVDs. I will try sending at most 1 DVD back per day. Previously I would send all 3 on one day, and my replacement DVDs would be delayed. Let's see how this works. I wish I could look at the code that implements the throttling on the Netflix side. Then I could see if there was anything I could do to get more DVDs. I could always vote with my feet and switch to Blockbuster. That option is still in my mind. I will keep you posted on my anti-throttling results.

Wireless Safety

Last week I took a little vacation from work. Checked into a nice motel. They had information in the room on how to access their wireless network. I confess I had a little problem configuring my laptop to use their wireless router. Normally I hit a few keys at boot time to choose which wireless network to connect to. This time hitting the keys did nothing.

I was really surprised when my laptop was able to connect to the Internet. Then I figured out what was going on. One of the wireless networks I connect to is one with a Linksys router with the default setup. There must have been a similar setup close enough to my motel room for me to share their connection. Hey that's cool right?

Then I got to second thinking. I was about to access my company information using my secret password. And I also logged into e-mail using my password. Suppose somebody opened up a Linksys router in order to spy on unsuspecting chumps like me using their wireless access? Then I would have compromised some of my accounts and passwords. Hey. I was on vacation. I did not want to bother with figuring out why my laptop would not let me choose another wireless network. So I just logged in, did my business, and got on with my vacation. Did I make the right choice?