BSNL Website Hacked by Pakistani Hacker

BSNL just can’t get enough of the negative lime-light. It has not even been two months since we reported BSNL getting compromised, and here we are again. A self-proclaimed Pakistani hacker has defaced a public BSNL page. Last time, we revealed a serious security flaw in an internal application at BSNL called Dotsoft, and funnily enough, the vulnerability still exists.
dotsoft-hack
Apparently, Dotsoft became a hot topic with ethical hackers earlier in 2009, here is a clear proof-of-concept hack attempt aimed at Dotsoft. Though, this time, the situation is even worse. Today, a sub-directory on the BSNL website was hacked by a Pakistani hacker. The hacker, who calls himself ‘KhantastiC haX0r’, placed an index.html file on the sub-directory to prove that he has write-access to the web server.   He has also stated he has copied and removed all logs of the intrusion, as well as copied the databases — possibly being held for ransom? The defaced site is available at http://www.bsnl.co.in/tender1/ and doesn’t seem to affect any other pages within the same sub-directory, like http://www.bsnl.co.in/tender1/archive3.php.

khantastic-hacker

It is worth mentioning that although ‘Khantastic haXor’ claims to have connections with the PCA, he was actually thrown out of the PCA according to online reports. The situation was so bad that his personal details were exposed by a rival online ‘crew’. They went so far as to include personal photographs of the person in question. In any fashion, KhantastiC haX0r doesn’t seem to take his online anonymity very serious, as his Google+ account features pictures in high detail.

BSNL seriously needs to strengthen itself against attacks like these, with over 90 million subscribers, it’s a wonder they’ve managed to stave off theft of credit cards, passwords and other internal databases. It would seem like this is an online turf-war and BSNL was simply caught in the middle, perhaps their state ties can help them with building a more robust and secure network.

This makes for a good Diwali gift for BSNL from Pakistan.

Opera Browser Vulnerable to Memory Corruption Exploit

In the raging browser wars, features, security and stability are paramount to competing. Opera might want to get a serious handle on things with the next release they push.

There is a memory corruption bug that has been present in Opera 10, 11 and the pre-release of 12 on Windows XP SP3. The vulnerability exists within SVG (Scalable Vector Graphics) layout handling. By nesting SVG functions within XML calls, an attacker is able to crash Opera. While crashing a browser might not seem like a huge deal to some, couple it with code injection and you have an exploit that can lead to complete remote code execution, and then it’s game over.

The exploit, which was discovered over a year ago, was reported to Opera but never fixed. Jose Vasquez, the original author, has published full details on the vulnerability as well as written and released a complete Metasploit module. Metasploit is a security framework for penetration testing, allowing a large number of security professional to collaborate on software and service vulnerabilities.

What might seem like a benign crash of your browser, might turn out to be an attacker positioning themselves to take control of your computer and network. Although it’s been previously broken, Jose also indicates it may be possible to bypass DEP, which is an active security feature provided by Microsoft,  specifically made to prevent unwanted code execution.

In an interview, Opera’s co-founder,  Jon Stephenson von Tetzchner indicated their number of users grew from 50 million in 2009 to over 150 million in just one year. There are a lot of users who are potentially vulnerable to exploitation of this bug. When Opera 11.51 was released, major security and minor stability issues were the reason for the update. If we consider that  this bug has been present since 10.50, disclosed to Opera over a year ago, and still left unfixed — many users may want to look at switching to the very popular Chrome  or Firefox 7  until Opera fixes this issue.

Shemaroo Launches Free Bollywood Movies On Youtube

Wouldn’t it be nice if you could get to watch all your favorite Bollywood (hindi) movies online for free? Well, I don’t think anyone will say no to this. However if you think that we are going to tell you about illegal ways of watching Hindi movies online then this post is not for you.

Bollywood films distributor – Shemaroo has taken a unique initiative to put good hindi movies online including golden oldies and latest flicks so that users can easily see their favorite movies without much hassle. In order to make this happen, Shemaroo has created an exclusive video channel on Youtube called Shemaroo Movies. The channel has full length videos of various Bollywood films which users can view for free.

Currently the channel has around 20 titles ans Shemaroo has plans of expanding it gradually with more movies. The best part about it is that they have the right mix of current blockbusters as well as all time classic movies. Short 5 – 6 second in video advertisements which play at regular intervals while watching the movies is how Shemaroo is planning to generate revenue from these online movies.

One concern which I had while viewing movies on the Channel is that, it is very easy to download videos from Youtube using already available online video download tools. These might prompt certain users to download the movies from the Shemaroo channel (meant for viewing online). So, in a way is this not promoting video piracy? Do let us know about your thoughts in the comments section below.

Car Service Portal MeriCar.com Raises Seed Funding

MeriCar.com is a unique car portal that helps car owners to search for car service centers and car spare sellers in their neighbourhood. All in all, MeriCar.com can be termed as an online car repair shop. The portal lists car service centers for various brands and helps users connect to the right car workshop, thereby saving on car servicing bill.

MeriCar.com has raised it’s seed funding from debutant Seed fund firm – MyFirstCheque. Although there has been no official word on the amount of investment yet but MyFirstCheque typically invests amount withing Rs 20 lakh in startups and takes an equity stake between 15 to 25 per cent.

Rakesh K Sidana, the CEO of MeriCAR.com said that My First Cheque recognised the potential of his idea and has made the much required investment with which, the company looks forward to strengthening the core team and expanding the MeriCar.com network further across the country and servicing a larger base of car users.

Microsoft Kicks Off Online Reality Show: Career Factor

Microsoft has been able to able to build a powerful social presence with active twitter and Facebook accounts for product teams. Leveraging this social network presence, Microsoft will be having a online based reality show with 9 contestants.

The 9 contestants with proficiency across Microsoft technologies will be given tasks to complete and everyone can follow their progress online. The show is called Career Factor, first spotted by Joe Wilcox the introductions of the contestants are available on Microsoft Learning’s Youtube page. The show updates can be followed on the Twitter account MS Career Factor.

The show is part of Microsoft’s Born 2 Learn initiative. Links to Twitter, Facebook and LinkedIn profiles of the 9 contestants can be found here. A forum with sections dedicated to the contestants has been setup as well. While the show won’t be the next Apprentice, the concept is interesting.

Anonymous Calls for a Global Protest on Jan 15

With the recent spate of attacks on Wikileaks (and as a side effect, the anon culture of 4chan and Usenet) anonymous freedom groupAnonymous has decided to ante up the pressure on traditional global media. Anonymous is urging faceless internet users to move into the real world and protest against the censorship of news and Wikileaks.

freedom

While the common internet user will not know the implications of hindering net neutrality, free speech, freedom of the press and freedom of assembly the very things that Governments are vouching to quell and prohibit on the internet protests such as these will be an eye opener for many such users.

anonymous

With banners stretching across The Pirate Bay and other free speech and pro-piracy websites as well as 4chan’s notorious /b/ board, it is safe to assume that January 15th will be quite the red-letter day in the history of the free society movement. Actively denouncing aggressive copyright policies and standing up for ideas rather than authorship, the protest aims to be so large that the traditional media will have to cover this activism. Anonymous calls people all over the world to peacefully protest on the streets of their city for these ideals.

One can see and join events all over the world (or create one of their own) at whyweprotest.net

India To See 26% Growth In Online Ad Market

As more and more Indians are getting on the internet, the web is becoming a high potential property for businesses to showcase themselves to users. According to a survey conducted by IAMAI, the online advertising market in India (including both text and display ads) is expected to grow by 26% to Rs 993 crore in the upcoming financial year.

Here are some charts that show the online ad spending according to various sectors. While, banking and financial services lead text ad spending (24 per cent of the total text ad spend), the travel sector leads the display ad spend accounting to 14 per cent share.

Another interesting thing to note in the survey was that the FMCG (Fast Moving Consumer Goods) industry spends more on display ads than text ads. The display ad and the text ads spends for the FMCG industry stood at Rs 26 crore and Rs 13 crore respectively.

Charts via Aloo Techie

19% of Facebook Gamers are Addicted, and other factoids.

Of course, it’s all PC Gaming, at the end of the day, right guys?

Facebook has an abnormally large amount of users playing games. Games such as Farmville or Mafia Wars. The annoyance factor of all these games on other peoples’ walls ranges from terrible to depressing. However, just how many of those daily Facebook loggers play games?

facebook

According to unofficial Facebook fan-site All Facebook, about 50% of Facebook log-ins are specifically for playing games, with over half of Facebook’s users playing these games.

However, out of these 250 million plus users, about 19% say that they are addictedto these games. A very loosely used term, I’m afraid for addiction, as a medical term, is really serious business. It’s exactly the kind of thing that is overused in the media while debasing video games as a whole. However, since it concerns Facebook, I do not mind it all that much.

Nevertheless, the other statistics are most interesting. 56 million people play such games daily which is most of the UK’s population. The average time per month spent playing games is around seven hours! That’s probably a little less than the amount of time I spend playing every week. Considering that Facebook is a social networking site, this is pretty big.

More facts here.

Company of Heroes Open Beta is Online!

Any fan of World War II based games will definitely know Company of Heroes (CoH). Relic Entertainment’s real time strategy (RTS) opus featured magnificent tactical controls laced with a terrific storyline and gameplay experience. Leading either the Able Company or the Fox Company of the US Army, players were promoted to the rank of field commander to lead their men to victory. The standalone expansion packs Tales of Valor and Opposing Fronts also added tremendous replay value in terms of new armies as well as new multiplayer modes.

coho

Now, Relic has opened its door to beta participants for Company of Heroes: Online. This free-to-play take on the brilliant RTS series apparently allows you the same amount of action and strategic control along with a touch of personalization that is common among online games:-

Choose from six different combat doctrines, each with its own strengths and combat styles. Customize your army and enter each conflict with your own unique set of battle-tested Heroes, unit upgrades, and devastating Commander Abilities.

Since this game will be free-to-play, the beta is also free-to-play. Which means you can dive into the game right this instant!

Quite coincidentally (not), Steam has put up a sale of all the CoH titles for $12.49. That’s 75% off, number-crunchers! So, which one will it be today for you?

How to Send Anonymous Email

wl-mail There are many reasons why a person might be afraid to send a normal email message to someone. The person sending the email could:

  • lose a friendship
  • anger a family member
  • lose a job
  • get sued
  • get arrested
  • get hurt or killed

There’s also another reason.

It might be fun! How would you like to send an email that looks like it came from the President, Tax Office or Police? The possibilities for mischief are endless.

Whatever the reason, there are many resources available to those who need to send an anonymous email. The easiest methods are online services. Below I’ll list the top three for you.

send-email.org simple plain text

anonymouse.org simple plain text

deadfake.com html (rich text)

green-check-mark I checked these services for safety using SiteAdvisor.

These email sites are easy to use. You’ll only need to fill out:

  1. From: (make something up)
  2. To: (who is this email for?)
  3. Subject: (what’s the email about?)
  4. Message: (give them the bad news)

Typically, no attachments are allowed and you’ll have to fill out a captcha form to keep the spammers from using these services.

See also: Send Anonymous Tweets With ShhTwitter

Now you’re either ready to save the world, a friendship or get a good laugh. Let me know if you have your own special way to send out secret email, by adding your comment below.