kahrn's abode

kahrn's abode: where dreams slowly become reality!

February 9th, 2010

Hey guys. I know a few people read this blog regularly and a few people are subscribed, and a fair few people find some of the articles very useful.

I decided to move from wordpress to my own domain because I’ve been with wordpress for a long time now, but it is too restrictive for me and it is more economical to have the blog on my own server — rather than pay the price required for extra features on wordpress.com

The theme is temporary, and some of the content may display incorrectly. Hopefully these issues will be fixed as soon as I have time to work on them.

December 18th, 2009

Twitter was hacked last night.

According to various sources, both official and unofficial (status.twitter.com, techcrunch.com), Twitter was hacked last night.

It is reported that the hack was performed by a group identifying itself as the ‘Iranian Cyber Army’. The questions we need to ask now are: Was this the group that was really responsible? Or is someone trying to smear them? If it was them, why? Is it to prevent free speech in Iran? Is something big about to happen?

The most important question to many people in the west, of course, is — did they get any data?

Nobody really knows. Few media outlets are mentioning anything related to compromised data.

The real answer is that nobody has a clue if they have any login data/personal data. My take is that if they are capable of modifying the DNS record to their own servers — then they would have been clever enough to harvest all of the information being sent to the twitter domains. This includes all data being sent via any API using login credentials for third-party site interaction.

If they were prepared and skilled, then it would have been a relatively simple task. Which means that we have tens of thousands (possibly even entering hundreds of thousands) of accounts that are potentially compromised, if they were able to listen and log the data being sent to them.

If this is the case, then I advise you to change your password immediately. Even if you have not interacted with the API yourself in the last 24 hours, it is entirely possible that your login credentials are being used on a gadget/widget or third party site that MAY have posted login information while the DNS was compromised, meaning your account is also potentially compromised.

December 6th, 2009

I have just finished developing my first Windows 7 gadget — Windows 7 Satellite Imagery gadget. It is a gadget that is capable of displaying the latest satellite images from all continents.

You can download it from:
gallery.live.com (Windows Live Gallery — primary site)

If you have any suggestions, feel free to contact me either by commenting on this post, sending me a message on twitter, or checking out the projects page (coming soon).

FAQ

How often are the images updated?
Every hour for UK and Europe. All other images are updated every 6 hours.
UK and European images have a processing delay of 20 minutes. All other images have a processing time of 90 minutes.

Where do you get the images from?
The Met Office.

December 4th, 2009

I thought I’d share a little snippet on displaying forms in .NET that allow a window/form to dynamically resize, without encountering GUI lockups (due to thread delays), and without having to know the original form dimensions. It’s relatively simple.

First you can define the intended size variables, and also declare the two Timer fields that act as the clocks.

    using System;
    using System.Windows.Forms;

    public partial class Form1 : Form
    {
        // Intended (designer-defined) width and height of the form
        int INTENDED_WIDTH;
        int INTENDED_HEIGHT;

        // Two timers ("clocks"): one drives the width, one the height
        Timer Clock1;
        Timer Clock2;

Then comes the constructor for this form, which in my case (and by default in C# .NET projects) is the Form1 constructor.

        public Form1()
        {
            InitializeComponent();

            // Remember the intended dimensions set in the designer
            INTENDED_HEIGHT = this.Height;
            INTENDED_WIDTH = this.Width;

            // Reset current dimensions
            this.Width = 0;
            this.Height = 0;

            // Initialize the clocks; attach each handler before starting its timer
            Clock1 = new Timer();
            Clock1.Interval = 1;
            Clock1.Tick += new EventHandler(IncreaseWidth);
            Clock1.Start();

            Clock2 = new Timer();
            Clock2.Interval = 1;
            Clock2.Tick += new EventHandler(IncreaseHeight);
            Clock2.Start();
        }

Now it’s just a matter of incrementing the width and height on each tick of the previously defined clocks. This is defined within the event handlers for those clocks.

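        private void IncreaseWidth(object sender, EventArgs eArgs)
        {
            // Grow by one pixel per tick until the intended width is reached
            if (this.Width < INTENDED_WIDTH)
            {
                this.Width += 1;
            }
            else { Clock1.Stop(); } // target reached: stop the timer
        }

        private void IncreaseHeight(object sender, EventArgs eArgs)
        {
            // Grow by one pixel per tick until the intended height is reached
            if (this.Height < INTENDED_HEIGHT)
            {
                this.Height += 1;
            }
            else { Clock2.Stop(); } // target reached: stop the timer
        }
    } // end of class Form1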

That concludes my first informative C# / .NET post.

November 18th, 2009

Web development today

Web development today isn’t just HTML editing or basic PHP scripts. Web development and programming today usually involves a wide set of tools, and any popular website around today uses such a set. For example:

  • reddit.com — reddit uses Python and PostgreSQL, which spit out HTML (of XHTML syntax), JavaScript and CSS.
  • slashdot.com — slashdot.com uses Perl and MySQL, sitting on top of Apache.
  • microsoft.com — microsoft.com uses ASP.NET, running on top of IIS. The output is HTML (XHTML syntax), CSS and JavaScript.

The tools

Web Developer / Firefox Extension

The Firefox Web Developer extension is a useful tool for disabling various features on a page, managing cookies, viewing CSS information for specific elements with a picker tool, and managing user styles. It also lets you manage images and includes various other tools, including the ability to view generated source.

You can download it at Mozilla Add-ons

ColorZilla / Firefox Extension

ColorZilla is an extension to firefox that adds a color picker tool to the browser UI. It is then possible to return information for a given pixel on a website.

You can download it at the Mozilla Add-ons site.


MeasureIT / Firefox Extension

The measureIT Firefox extension adds a measuring tool that appears as an overlay on any webpage you need to use it on.

You can download measureIT at the Mozilla Add-ons site.

DOM Inspector / Firefox Extension

The Document Object Model Inspector is a tool to inspect the DOM of any webpage. It often comes with the default install of firefox as an option.

You can download DOM Inspector at https://developer.mozilla.org/en/dom_inspector

Firebug / Firefox Extension

Firebug is an extension which is useful for editing css, html or javascript elements within a webpage.

You can download Firebug at the Mozilla Add-ons site.

Google page speed / Firebug Extension

Google page speed is a Firebug extension that is able to give you a wealth of information on the download speeds and execution time of your website. It can also give you tips on how to reduce overheads and improve code.

You can download the Google page speed Firebug extension at the google page speed site.

Notepad++

Notepad++ is a tool I often use when working on smaller projects where I do not need a full IDE.

Notepad++ is a free (as in “free speech” and also as in “free beer”) source code editor and Notepad replacement that supports several languages. Running in the MS Windows environment, its use is governed by GPL License.
Based on a powerful editing component Scintilla, Notepad++ is written in C++ and uses pure Win32 API and STL which ensures a higher execution speed and smaller program size.

You can download it over at the notepad++ sourceforge project site.

Netbeans with PHP Development plugin

Netbeans is a Java IDE developed by Sun. It supports various plugins — one being PHP development extensions. When working on large projects, Netbeans proves useful.

You can download it at the Netbeans site.

Visual SVN

VisualSVN is a SVN server for Windows. It is quick and easy to use and requires little previous knowledge of server administration or svn experience, but it can also be quite powerful.

You can download it at the VisualSVN Server site. It is free for both personal and commercial use.

Tortoise SVN

TortoiseSVN is an SVN client that integrates with Windows Explorer.

You can download it at the TortoiseSVN site.

XAMPP

XAMPP is a quick and easy way to get an apache server, MySQL daemon and PHP all running on Windows for a development environment. It also supports an FTP server and a few other things.

You can download it at the XAMPP site.

Forums
You can come and discuss web development, get website reviews and also SEO information at the Transcendental Labs forum.

October 29th, 2009

Many website designers design really scrappy websites that do not follow standards at all. I myself tend to write all my XHTML to be XHTML1.1 compliant. As a reader of this blog, I will assume you also attempt to follow standards.

Usually I implement everything to pass XHTML transitional validation. One thing I usually ignore, however, is the character encoding.

Put simply, character encoding allows a browser to display and render the document as originally intended. For instance, browsing a site developed using a Japanese-based encoding (e.g. JIS X 0208) will not display correctly unless you have the JIS X 0208 character set installed on your computer.

Without specifying a character encoding, a default character encoding is used. So specifying a character encoding when developing sites that use other characters is a must. But a more important reason exists even if you only develop English websites using UTF-8 or ISO 8859-1: leaving the encoding unspecified is a potential security vulnerability.

Essentially, when a character encoding is not specified, it could allow for a potential XSS-style attack. This can be achieved by encoding the JavaScript code using UTF-7. When a client’s web browser attempts to autodetect the type of encoding used, it will detect it as UTF-7, and the JavaScript code can then be executed.
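As an added illustration (not code from the original post), the check below audits a response for the condition described above: it reports when no charset is declared in the Content-Type header or an early meta tag, and shows that UTF-7 encoded markup passes through HTML escaping unchanged. The function names, the 1024-byte scan window and the sample response are assumptions made for this example.

```python
import html
import re

# charset=... as found in a Content-Type header value or a <meta> tag
CHARSET_RE = re.compile(rb'charset\s*=\s*["\']?([A-Za-z0-9._:-]+)', re.I)
# A UTF-7 shifted run: '+', base64 characters, optional closing '-'
UTF7_RUN_RE = re.compile(rb'\+[A-Za-z0-9+/]+-?')
MARKUP_CHARS = set('<>"\'')

def declared_charset(headers, body):
    """Return the charset from Content-Type or an early <meta>, else None."""
    candidates = [v.encode('ascii', 'replace') for k, v in headers.items()
                  if k.lower() == 'content-type']
    # Assumption: only a <meta> near the top counts (first 1024 bytes here).
    candidates += re.findall(rb'<meta[^>]*>', body[:1024], re.I)
    for text in candidates:
        m = CHARSET_RE.search(text)
        if m:
            return m.group(1).decode('ascii').lower()
    return None

def hidden_markup(body):
    """Return (raw, decoded) UTF-7 runs that decode to HTML-significant chars."""
    hits = []
    for run in UTF7_RUN_RE.findall(body):
        try:
            decoded = run.decode('utf-7')
        except UnicodeDecodeError:
            continue  # not valid UTF-7, e.g. an ordinary "a+b-c"
        if MARKUP_CHARS & set(decoded):
            hits.append((run.decode('ascii'), decoded))
    return hits

def audit(headers, body):
    """List encoding findings for one HTTP response (headers dict, body bytes)."""
    charset = declared_charset(headers, body)
    if charset not in (None, 'utf-7'):
        return []  # encoding is pinned, so UTF-7 runs stay literal text
    findings = ['no charset declared' if charset is None else 'charset is utf-7']
    if hidden_markup(body):
        findings.append('UTF-7 encoded markup characters in body')
    return findings

# Constructed sample: input made only of characters an HTML escaper ignores.
SAMPLE_INPUT = '+ADw-b+AD4-hello+ADw-/b+AD4-'
SAMPLE_BODY = ('<html><head><title>t</title></head><body>'
               + html.escape(SAMPLE_INPUT) + '</body></html>').encode('ascii')

if __name__ == '__main__':
    print(audit({'Content-Type': 'text/html'}, SAMPLE_BODY))
```

Declaring the charset in the Content-Type header (or a meta tag at the top of the document) makes `audit` return an empty list for the same body, because the browser no longer has to guess the encoding.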

October 11th, 2009
The image you see below is Earth. Hundreds of millions of miles away. This is your home and it will most likely be the place you live the rest of your life and eventually die. A tiny, tiny dot in something unimaginably vast.

The small dot that we live on. A very small stage. In a vast cosmic arena.

http://www.youtube.com/watch?v=2pfwY2TNehw

The extract below is from Carl Sagan, a rather famous astronomer, and it really puts this image into perspective.

“Look again at that dot. That’s here. That’s home. That’s us. On it everyone you love, everyone you know, everyone you ever heard of, every human being who ever was, lived out their lives. The aggregate of our joy and suffering, thousands of confident religions, ideologies, and economic doctrines, every hunter and forager, every hero and coward, every creator and destroyer of civilization, every king and peasant, every young couple in love, every mother and father, hopeful child, inventor and explorer, every teacher of morals, every corrupt politician, every “superstar,” every “supreme leader,” every saint and sinner in the history of our species lived there — on a mote of dust suspended in a sunbeam.

 

The Earth is a very small stage in a vast cosmic arena. Think of the rivers of blood spilled by all those generals and emperors so that, in glory and triumph, they could become the momentary masters of a fraction of a dot. Think of the endless cruelties visited by the inhabitants of one corner of this pixel on the scarcely distinguishable inhabitants of some other corner, how frequent their misunderstandings, how eager they are to kill one another, how fervent their hatreds.

Our posturings, our imagined self-importance, the delusion that we have some privileged position in the Universe, are challenged by this point of pale light. Our planet is a lonely speck in the great enveloping cosmic dark. In our obscurity, in all this vastness, there is no hint that help will come from elsewhere to save us from ourselves.

The Earth is the only world known so far to harbor life. There is nowhere else, at least in the near future, to which our species could migrate. Visit, yes. Settle, not yet. Like it or not, for the moment the Earth is where we make our stand.

It has been said that astronomy is a humbling and character-building experience. There is perhaps no better demonstration of the folly of human conceits than this distant image of our tiny world. To me, it underscores our responsibility to deal more kindly with one another, and to preserve and cherish the pale blue dot, the only home we’ve ever known.”

September 11th, 2009

Facebook, one of the web’s leading social networking websites, has compromised private data.

Private data from thousands of users has been released despite the privacy settings on some profiles. It appears that anyone can access any data stored on the notes application, regardless of its privacy setting. This data is now easily accessible, as major search engines such as Google have already indexed the data.

Once again the security of social networking has come into question. Is it really safe to trust a company with information that details almost every aspect of our lives? Facebook has yet to comment on the latest data breach.

You can read more about this over at reddit.com.

September 11th, 2009

If you don’t already know about VPNs, go check out the article on Wikipedia.

I recently discovered a new VPN provider over at itshidden.com. If you’ve been looking for a free VPN, then it may be worth taking a look.

The blog is lacking in content lately due to life issues and other work. If you’re looking for more reading material then it might be worth checking out TheUltimateCouponSite Blog.

See ya’ soon!

June 12th, 2009

Some of you may have seen a recent news article about VAServ’s entire infrastructure being compromised leading to data loss/theft on over 100,000 sites.

I was a victim of this attack (I host around 6 sites on my VPS — all of which were downed). Luckily I managed to get into the server today, and it seems most of my files are intact (so far). A quick reboot of mysql and it seems everything is working as it should be.

Sadly the DNS provider was also hacked, so trying to access via domains will fail. Moral of the story? Always make backups. I almost lost EVERYTHING. Anything can happen.

You can read more about it over at slashdot.