Posts filed under ‘Internet’

BOTS on ORKUT

Yeah, it is true. The BOTS haven’t spared Orkut. If you are a frequent user of this Social Networking Site, the fact that Orkut has recently enhanced its security measures might not have escaped your notice. It now asks you for Captcha when you enter any URL in our status message or as part of a scrap. At the same time, if you send an alarming number of Friend Requests in a short span of time, you are asked again for Captcha, for each subsequent Request you send. For those unaware of the terminology, CAPTCHA is the technical term to describe the test where in you are shown an image, consisting of alphabets and numbers (often distorted so as to not look like the ones typed in the usual fonts) and asked to type the same in a text box. Well, Captcha was introduced so as to make sure that the user was actually a real person and not some software program; it was argued that a software program could not identify the characters from an image. As secure as it might sound, it is a fact that programmers/hackers around the world have outsmarted the captcha developers; and the sad truth is, the hackers have been aided by the developers themselves.

Well, I had suspected long ago that there was something fishy about Orkut’s sudden interest in its security. However, it was only recently that I found traces of BOT activity in my Network, and began to delve into the subject further. To begin with I received friend requests from people who were already in my friend list. Evidently, their account was being cloned. Then again, I have received a lot of Friend Requests recently from unknown people, all of them with the same message.

orkutfriendrequest

Take a minute to notice the short message with the request.
Besides, you get those advertising scraps all the time; it is more often than not BOT activity.


What are BOTS?
Internet bots, are software applications that run automated tasks over the Internet. Typically, bots perform tasks that are both simple and structurally repetitive, at a much higher rate than would be possible for a human alone. If you have chatted on Yahoo, you are sure to have encountered a BOT sometime. Chatting bots can chat. Needless to say these BOTS have a limited vocabulary; they have a fixed set of responses that they send other users. It is pretty easy to tell apart a BOT from a human user merely by interacting with it for 2 minutes; it is bound to make irrelevant comments at some point.


What can BOTS do?
BOTS can be used for commercial purposes, advertising.
BOTS can be for spamming.
BOTS can be used to coordinate and execute an automated attack on networked computers, such as a denial of service attack.
BOTS can be used to bring down a Website’s responsiveness by sucking bandwidth by downloading entire web sites and sending automated requests.

There are other capabilities of BOTS but I’d appreciate if you look those up on wiki.


Why Orkut?
Orkut.com is a social networking website owned by the industry giant GOOGLE.This means orkut is very big and anyone can take advantage of its millions of users to sell his products and services.

But it is not as harmless as it sounds. Needless to say, your privacy can be invaded by BOTS if they have access to your profile page, your scraps and your images. I’ve heard of instances where hackers with malicious intentions have grabbed such information about a user and opened bank accounts/ applied for duplicate social security cards with the victims’ identites and done similar stuff, cheating them of their resources and often commiting crimes pretending to be the vicim. It can get bad!

BOTS can also be use to install virus or other spyware on your system which can in turn be used to eavesdrop on you and do stuff that you wouldn’t want.


How do BOTS get past CAPTCHA?
I’ve hinted at the answer to this question above. I found this statement on http://jetbots.com, a software company which specializes in programming BOTS and selling them:

*CAPTCHA Bypasser
We have just teamed up with a third-party CAPTCHA service and integrated their service in all of our bots (optional). You need to buy credits from a 3rd Party website, imagetotext.com and just type your user/pass in our software (if you want the software to bypass the CAPTCHAs) and everything is automatic from there – Just like you type the CAPTCHAs manually, the software will bypass the CAPTCHAs. We have added this service in our bots because we know that CAPTCHAs’ sucks :-) And on request of lots of our loyal customers, just like YOU :) Thank you.

It comes as no surprise. The Great Wall of China was so designed that it could not be breached. But it was breached only because the guard was bribed.

What can you do?
BOTS will be there; there’s nothing we users can do about it. Only the website developers can do anything in this regard. We can only exercise caution when we accept friend requests from people we don’t know. We must not put confidential content about ourselves that can be used to clone us. We must not click on links we don’t trust. What else?

August 12, 2009 at 11:03 am 1 comment

The Easy Proxy Switching Tool for Firefox : Multiproxy Switch

This document is particularly useful for people in Institutions where multiple Proxy Servers are deployed, for instance Engineering Colleges. In such places, often we feel the need to change the proxy configuration several times in the course of a small time interval primarily due to either or all of these reasons:

i)One proxy doesn’t let you open Youtube or Rapidshare (or any other website for that matter) while the other does.

ii)The proxy server you’re using is currently down.

iii)Certain Websites are cached on one particular proxy server so they’re faster if accessed using that Proxy Server.

iv)You like switching between proxies and you do it for the heck of it.

As the title might have suggested, this post is about using an addon in Firefox to do the task of switching proxies easier. If you are curious enough, you might’ve already googled on this topic or searched for Firefox addons from the Firefox>Tools>Addons applet. There are a number of addons to achieve the task at hand, namely SwitchProxy, MM3-Proxy Switch, Quick Proxy, Foxy Proxy, xyzProxy, Ticon, ProxyFlag, ProxySwitch; the list is quite long. The particular addon I use and I recommend using is “MultiProxy Switch”, and I list the reasons for this choice I made:

i)Most of the addons in the list are meant for only one proxy and they merely toggle it on/off which makes them useless for use in a multiproxy environment.

ii)SwitchProxy, perhaps the uncrowned king for achieving the task has not been updated since 2007. Firefox, on the other hand has been evolving rapidly ever since and its latest version 3.5.2 hit the world recently. Needless to say, SwitchProxy is not compatible with the later versions of Firefox.

iii)Most other addons are also incompatible with the latest Firefox.

iv)Foxy Proxy performs the task but it is a pain in the butt to configure it properly. It has no No-Proxy list which you can edit; rather it asks the user to manually feed in regular expressions/ wildcard sequences of instances of URLs and black-list/white-list them. This is a cumbersome task and not all of us are comfortable with wildcards and regular expressions. After spending half an hour trying to add the blacklists, I was frustrated at the sight of some websites being refused by the proxy server.

v)Multiproxy Switch is easy to manage, easy to configure.

vi)Multiproxy Switch is an experimental addon. Experimental add-ons are newer add-ons which have not yet undergone our public review process. They are allpha or beta versions. I like to try out new stuff; It is only by experimenting do you get to know the rules of the game.

Doing It. Adding the Addon.

Step 1: Go to https://addons.mozilla.org/en-US/firefox/addon/7330

Step 2: Check on Let me install this experimental add-on. Hit Add to Firefox.

Step 3: Restart Firefox to complete the installation.


Configuring it. Adding Proxies.
Ideally, after the installation, you must have a Multiproxy Toolbar below the address bar and a button in your Status Bar.
I personally don’t like to dedicate my browser space to addons, so I use the smaller interface: the Status Bar Button and hide the Multiproxy Toolbar. You could let the Toolbar stay if you wish or right click on the toolbar and uncheck it, to hide it. You can see it again by right clicking near the Menu Bar and checking it again.

Multiproxy ToolBar:
Myproxy Toolbar

Statusbar Menu:
StatusBar Menu

Now, to add proxies, select “Manage Proxies” in Toolbar or Statusbar menu, you will see this window:
Manage
Click Add Button.
Add Proxy

Now, you fill in the specifics and hit OK.


Switching Between the Proxies.
After you add the proxies, you will see them in the Status Menu and Toolbar Menu, just click one to use. In Toolbar Menu, select the proxy then click “Apply” button to use.

Enjoy

August 10, 2009 at 8:11 pm 5 comments

Open Multiple Homepages in Different Tabs in Mozilla Firefox

I was looking to achieve this on my Firefox in Ubuntu. Initially I was looking for some addon which could do this for me,at one point Juneja and I thought about writing a plugin which could bring this about. But luckily I found a trick that worked. I’ve seen it work on Firefox in Windows and Ubuntu.

The trick is,

In Ubuntu:
Go to Edit>Preferences>Main
In Windows:
Go to Tools>Prefences>General

Now in the Homepage text area,put the URLs you want to open simultaneously at Firefox startup, using ‘|’ as a separator.

For clarity, see the screenshot below
screenshot3

April 10, 2009 at 11:26 pm Leave a comment

Setting up a BroadBand Connection on Ubuntu

This post is for Ubuntu Users who wish to set up a BroadBand Connection on their systems.

step 1-> connect the broadband modem to your laptop using the ethernet cable

step 2-> now open the terminal window. in the terminal type :

sudo pppoeconf

step 3-> a text based menu program is activated which will guide you through the next steps, which are :
1. Confirm that your Ethernet card is detected. ( choose yes wherever u can )
2. Enter your username (this is the username provided by your Internet Service Provider)
3. Enter your password (this is the password provided by your Internet Service Provider)
4. If you already have a PPPoE Connection configured, you will be asked if it may be modified. ( choose yes   here too )
5. Popular options: you are asked if you want the “noauth” and “defaultroute” options and to remove “nodetach” – choose Yes.
6. Use peer DNS – choose Yes.
7. Limited MSS problem – choose Yes.
8. When you are asked if you want to connect at start up.(Choose no if u wish to connect manually. Choose yes otherwise )
9. Finally you are asked if you want to establish the connection immediately.

The job’s done. If you chose Yes in the last step, start using the connection.

If you chose No, you’ll have to manually establish the Internet Connection.

TO CONNECT MANUALLY

in the terminal type command :
sudo pon dsl-provider

TO DISCONNECT MANUALLY

in the terminal type command :
sudo poff dsl-provider

NOTE:
If you’ve been using Internet via a Proxy Server, you might have to disable the Proxy in your Browser.

April 9, 2009 at 9:34 pm Leave a comment

Gmail Email Galore

Recently while logging in to my gmail account I accidentally put an extra dot in my username. I was about to hit the stop button to rectify the typing error but I realized that even with “ the error” my gmail page loaded. Later I tried the same trick, putting the dot elsewhere in the username string; it worked still. I repeated the exercise several times, placing as many dots as I wanted and at random positions in the username string. It worked each time. Next I sent myself an email from my yahoo account to my gmail account, putting extra dots in the recipient gmail id. As expected, the mail was received.

Apparently the gmail server neglected any dots in the usernames. This was news. That meant any gmail user had infinite number of email ids, all sharing the same alphabetical substring. I searched on google to find out if it was aware of the ‘bug’. I found out it was no bug, rather a policy. Further, I learnt about a similar policy called the + addressing. This allows emails to be sent to UserName+ExtraText@gmail.com where the actual email id is UserName@gmail.com . “ExtraText” refers to any random string. For instance you could send me a mail on robinchandra19+gotohell@gmail.com in place of the plain robinchandra19@gmail.com. I would receive the mail and you would have your fun. But before you try this with your Boss’s mail id, know about the catch. The catch is: by reading the details of the email, the recipient can know the exact username string the mail was addressed to. Even the best of rogues leave trails!! Jokes apart, this can be used as a means of filtering mails into appropriate folders. Say, tomorrow is 14th February. I send mails to 100 hot girls and ask them to mail their rendezvous times to robinchandra19+exquisitedinnerfortwo@gmail.com . I can now filter all mails addressed to robinchandra19+exquisitedinnerfortwo@gmail.com and label them accordingly. Sounds great, isn’t it?

Try these tricks.

April 8, 2009 at 6:31 am Leave a comment

 

June 2012
M T W T F S S
« Mar    
 123
45678910
11121314151617
18192021222324
252627282930  

Blog Stats

  • 6,440 hits
Follow

Get every new post delivered to your Inbox.