Monthly Archives: March 2011

New malware attack hits facebook through chat!

I just got pings from three of my friends over facebook chat, all of them containing the same message

Hey, check out this girl, lol, she must be out of her mind for making that video!: bit.ly/eNYMXb

Well, so lets see where does the link take us..

anshup@listsettle-lm: ~$ curl -I bit.ly/eNYMXb
HTTP/1.1 301 Moved
Server: nginx
Date: Sat, 19 Mar 2011 09:35:54 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Set-Cookie: _bit=4d8478fa-003c1-04438-d8ac8fa8;domain=.bit.ly;expires=Thu Sep 15 05:35:54 2011;path=/; HttpOnly
Cache-control: private; max-age=90
Location: http://www.torsing.info/
MIME-Version: 1.0
Content-Length: 116

As expected, the first bitly link is a proper redirect to some site. Now lets see what the second link has.

anshup@listsettle-lm: ~$ curl -I http://www.torsing.info/
HTTP/1.1 302 Found
Date: Sat, 19 Mar 2011 09:36:04 GMT
Server: Apache
Location: http://www.torsing.info//dashboard.php
Connection: close
Content-Type: text/html

Hmm, another redirect to same site, not bad.

anshup@listsettle-lm: ~$ curl -I http://www.torsing.info//dashboard.php
HTTP/1.1 200 OK
Date: Sat, 19 Mar 2011 09:36:11 GMT
Server: Apache
Connection: close
Content-Type: text/html

anshup@listsettle-lm: ~$ curl http://www.torsing.info//dashboard.php
<script type=’text/javascript’>top.location.href = ‘https://www.facebook.com/login.php?api_key=134003950005663&cancel_url=http%3A%2F%2Fwww.torsing.info%2Fmain.php&display=page&fbconnect=1&next=http%3A%2F%2Fwww.torsing.info%2Fdashboard.php&return_session=1&session_version=3&v=1.0&req_perms=xmpp_login';</script>

Now here is the bad part!
As you see in the last output, its merely a trick to directly access your facebook credentials as if you approved it (thats my assumption, am not sure what it does and am not going to find that out right now.

What I am surprised at is that facebook uses a non salted/non nounced url for such requests.. :!
Definitely you know better facebook :)

lets see how fast it spreads and what all comes out of it!

Lets see a lil about the domain.

anshup@listsettle-lm: ~$ whois torsing.info
Domain ID:D36666838-LRMS
Domain Name:TORSING.INFO
Created On:05-Feb-2011 19:58:43 UTC
Last Updated On:06-Feb-2011 10:32:05 UTC
Expiration Date:05-Feb-2012 19:58:43 UTC
Sponsoring Registrar:GoDaddy.com Inc. (R171-LRMS)
Status:CLIENT DELETE PROHIBITED
Status:CLIENT RENEW PROHIBITED
Status:CLIENT TRANSFER PROHIBITED
Status:CLIENT UPDATE PROHIBITED
Status:TRANSFER PROHIBITED
Registrant ID:CR74380736
Registrant Name:Matej Kalanj
Registrant Organization:
Registrant Street1:Marohniceva 18
Registrant Street2:
Registrant Street3:
Registrant City:Rijeka
Registrant State/Province:Primorsko goranska
Registrant Postal Code:51000
Registrant Country:HR
Registrant Phone:+385.955533376
Registrant Phone Ext.:
Registrant FAX:
Registrant FAX Ext.:
Registrant Email:webmaster@sex-galerije.com
Admin ID:CR74380738
Admin Name:Matej Kalanj
Admin Organization:
Admin Street1:Marohniceva 18
Admin Street2:
Admin Street3:
Admin City:Rijeka
Admin State/Province:Primorsko goranska
Admin Postal Code:51000
Admin Country:HR
Admin Phone:+385.955533376
Admin Phone Ext.:
Admin FAX:
Admin FAX Ext.:
Admin Email:webmaster@sex-galerije.com
Billing ID:CR74380739
Billing Name:Matej Kalanj
Billing Organization:
Billing Street1:Marohniceva 18
Billing Street2:
Billing Street3:
Billing City:Rijeka
Billing State/Province:Primorsko goranska
Billing Postal Code:51000
Billing Country:HR
Billing Phone:+385.955533376
Billing Phone Ext.:
Billing FAX:
Billing FAX Ext.:
Billing Email:webmaster@sex-galerije.com
Tech ID:CR74380737
Tech Name:Matej Kalanj
Tech Organization:
Tech Street1:Marohniceva 18
Tech Street2:
Tech Street3:
Tech City:Rijeka
Tech State/Province:Primorsko goranska
Tech Postal Code:51000
Tech Country:HR
Tech Phone:+385.955533376
Tech Phone Ext.:
Tech FAX:
Tech FAX Ext.:
Tech Email:webmaster@sex-galerije.com
Name Server:MDNS1.NMSERVERS.COM
Name Server:MDNS2.NMSERVERS.COM

Hmmm, so a site registered in croatia. Interesting.

The NewYork Times launches digital subscription, beginning with canada.

Copy of an email sent out by The NewYork Times:
NYTimesNYTimes.
An important announcement from
the publisher of The New York Times

Fine Print
Dear New York Times Reader,

Today marks a significant transition for The New York Times as we introduce digital subscriptions. It’s an important step that we hope you will see as an investment in The Times, one that will strengthen our ability to provide high-quality journalism to readers around the world and on any platform. The change will primarily affect those who are heavy consumers of the content on our Web site and on mobile applications.

This change comes in two stages. Today, we are rolling out digital subscriptions to our readers in Canada, which will enable us to fine-tune the customer experience before our global launch. On March 28, we will begin offering digital subscriptions in the U.S. and the rest of the world.

If you are a home delivery subscriber of The New York Times, you will continue to have full and free access to our news, information, opinion and the rest of our rich offerings on your computer, smartphone and tablet. International Herald Tribune subscribers will also receive free access to NYTimes.com.

If you are not a home delivery subscriber, you will have free access up to a defined reading limit. If you exceed that limit, you will be asked to become a digital subscriber.

This is how it will work, and what it means for you:

  • On NYTimes.com, you can view 20 articles each month at no charge (including slide shows, videos and other features). After 20 articles, we will ask you to become a digital subscriber, with full access to our site.
  • On our smartphone and tablet apps, the Top News section will remain free of charge. For access to all other sections within the apps, we will ask you to become a digital subscriber.
  • The Times is offering three digital subscription packages that allow you to choose from a variety of devices (computer, smartphone, tablet). More information about these plans is available atnytimes.com/access.
  • Again, all New York Times home delivery subscribers will receive free access to NYTimes.com and to all content on our apps. If you are a home delivery subscriber, go tohomedelivery.nytimes.com to sign up for free access.
  • Readers who come to Times articles through links from search, blogs and social media like Facebook and Twitter will be able to read those articles, even if they have reached their monthly reading limit. For some search engines, users will have a daily limit of free links to Times articles.
  • The home page at NYTimes.com and all section fronts will remain free to browse for all users at all times.

For more information, go to nytimes.com/digitalfaq.

Thank you for reading The New York Times, in all its forms.

Sincerely,
Arthur Sulzberger Jr.
Arthur Sulzberger Jr.
Publisher, The New York Times
Chairman, The New York Times Company

 

Fine Print

As a loyal reader of NYTimes.com, you will receive a special offer to save on our new digital subscriptions. We will e-mail this special offer starting on March 28, the day we begin charging for unlimited access to our Web site and mobile apps*. We truly value your readership and look forward to bringing you the world’s finest journalism every day.


Fine Print *Mobile apps are not supported on all devices. Does not include e-reader editions, Premium Crosswords or The New York Times Crosswords apps. Other restrictions apply.

This message was sent to inform you about an important change to our Web site and NYTimes applications. Please note, if you have chosen not to receive marketing messages from The New York Times, that choice applies only to promotional messages. You will continue to receive important notifications that are legally required or could affect your service.

To review our Privacy Policy, please go to:
http://www.nytimes.com/content/help/rights/privacy/policy/privacy-policy.html

© 2011 The New York Times Company / 620 Eighth Avenue, New York, NY 10018

 

My hunt for the perfect browser for work :!

UPDATE: And now I have moved (back) to firefox 4! Firefox 4 is fast, so far no crashes and is looking good. more on this later as I spend more time on it!

hi,

First and foremost a little into what this post will give you. In this post, first I talk a little about why I need this post. Then a little of my browsing habbits history. Then some of my problems. And then my problems.

This post started when I realised I ve been switching between browsers one after another whenever I face some issue with one. Now few months down the lane, I don’t remember what the problem was and why I switched away from a particular browser and to what and why. So this post is more like a little documentation effort.

Now a little into my browser usage history. As a kid I remember using IE, Firefox and a little of Opera. In college, I was primarily a firefox user (with a little bit of elinks thrown in whenever the network would be clogged down). After I started work, one of the worst versions of firefox was released. FF 3.0. It would crash like a drunken dog gone nuts on the roads. I switched over to Opera at this instance after suffering for weeks (on fedora). Then I switched to Mac. My love for Opera continued. Ofcourse I have firefox with firebug and webdeveloper and various profiles. And then, I guess it started crashing for some reasons. I tried safari but wasn’t really impressed. At this time I primarily switched to Chrome. I had tried chromium on fedora earlier and Chrome had evolved a lot from its chromium days.

At the moment, am back to Opera. This post is being published in Opera. And the reason. Well, the latest version of Chrome is buggy or maybe its the speeddial extension. Now when I click on any speeddial, the speeddial opens up, but the address bar is empty :!

And its hightime I try Opera 11 :)
In the meanwhile, I ll be downloading latest firefox nightly release aka minefield :)

And will keep this post (or further posts) as a part of documenting my waddle through the various browsers. (IE wont be part much of it, though I do use it once in a while owing to some stupid IE rich web applications.).

More on it later. Cheers
Anshu Prateek