Everything posted by Dragos
-
No. Too complicated. It's something simpler. @cigraphics: Hiccups?
-
Both answers are good. A man buys a rifle and goes hunting. He loads his gun, fires, and a few seconds later he dies. Why?
-
Correct (door). Next: In a field, a man throws an object. A few seconds later he dies because of the object.
-
There's also loves, buys, kicks, dances.
-
Fine, you solve them quickly. Next: Two brothers are arguing. To separate them, their father uses a newspaper on which he places the two of them, so that they no longer communicate. How did he manage it?
-
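It might be from your host. Try this:

    <?php
    // Recipient, subject and body of the test message
    $to = "recipient@example.com";
    $subject = "Hi!";
    $body = "Hi,\n\nHow are you?";
    // Extra headers are separated by CRLF
    $headers = "From: sender@example.com\r\n" . "X-Mailer: php";
    // mail() returns true only if the message was accepted for delivery
    if (mail($to, $subject, $body, $headers)) {
        echo("<p>Message sent!</p>");
    } else {
        echo("<p>Message delivery failed...</p>");
    }
    ?>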
-
Rephrased: A man who lives on the 20th floor goes to work every morning, taking the elevator down to the ground floor. On his way back, if the weather is clear, he takes the elevator up to the 10th floor and walks the remaining floors. If it is raining or if someone is in the elevator with him, he rides up to the 20th. Why?
-
A man wakes up one night, goes to drink a glass of water, comes back, turns off the light and gets into bed. The next day he kills himself. Why? Pay attention to certain details. Later edit: Dokil answered correctly.
-
7n has a rather harsh ToS. And they also demand large damages... So I choose hi2.
-
The first time, I was at a terrace by the seaside and a dwarf climbed onto my hand and was asking me for money.
-
develop your own gtalk/jabber/aim/yahoo bot using imified API | The Storyteller
If you know PHP, you can make the bot however you like: have it tell you the weather, the hour, the minute, the second, etc. Add the ID mnx_suport to your Messenger list. It is a bot made for the mnx CS community. It has about 10 commands, of which about 2 are disabled. I haven't worked on it for a while.
-
Wordpress - Cookie for accessing the login page
Dragos replied to Dragos's topic in Tutoriale in romana
I made it for Wordpress. Now you choose what to use it for.
-
After the old article about the security code, I thought I would write a new one about a cookie. What does this cookie do? If you have this cookie set, you can access the login page. If not, the script will display a message of your choosing. Open wp-login.php in the blog's directory and write the following code right after <?php

    // Refuse the request if the "intra" cookie is missing
    if (!isset($_COOKIE["intra"])){
        die ("mars de aici");
    }else{
        // Refuse the request if the cookie does not hold the expected value
        $cookie = $_COOKIE['intra'];
        if (!($cookie == "cuchi")){
            die ("mars de aici");
        }
    }

To be able to see the login form, type in the address bar:

    javascript:void(document.cookie="intra=cuchi");

then refresh. Simple!
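A hardened variant of the cookie gate above, as an added example that is not part of the original post: it accepts only string values, compares them in constant time and answers with a plain 403. The names GATE_COOKIE, GATE_SECRET, gate_cookie_ok and enforce_gate are hypothetical, and the secret is a constructed placeholder; when pasting into wp-login.php the opening tag is omitted.

```php
<?php
// Added example, not code from the original post.
// GATE_COOKIE keeps the post's cookie name; GATE_SECRET is a constructed
// placeholder and must be replaced with a long random value.
const GATE_COOKIE = 'intra';
const GATE_SECRET = 'REPLACE-WITH-LONG-RANDOM-VALUE';

/**
 * Return true only if the cookie array carries the expected gate value.
 */
function gate_cookie_ok(array $cookies): bool
{
    $value = $cookies[GATE_COOKIE] ?? null;
    // A request can send "intra[]=x", which PHP parses into an array;
    // hash_equals() needs strings, so anything else is refused here.
    if (!is_string($value)) {
        return false;
    }
    // Constant-time comparison of the expected and the supplied value.
    return hash_equals(GATE_SECRET, $value);
}

/**
 * Stop the request with a generic 403 when the gate cookie is absent or wrong.
 */
function enforce_gate(array $cookies): void
{
    if (!gate_cookie_ok($cookies)) {
        // No hint about the cookie name or value in the response.
        http_response_code(403);
        header('Cache-Control: no-store');
        exit('Forbidden');
    }
}

if (PHP_SAPI === 'cli') {
    // Constructed sample requests, used only when run from the command line.
    $samples = [
        'no cookie'      => [],
        'wrong value'    => ['intra' => 'cuchi'],
        'array instead'  => ['intra' => ['x']],
        'correct secret' => ['intra' => GATE_SECRET],
    ];
    foreach ($samples as $label => $cookies) {
        printf("%-15s %s\n", $label, gate_cookie_ok($cookies) ? 'allow' : 'deny');
    }
} else {
    enforce_gate($_COOKIE);
}
```

The cookie value is a shared secret sent with every request, so the gate only helps on an HTTPS-only site and as an extra layer in front of the normal WordPress login.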
-
A juror announced a trial's verdict first on Facebook
Dragos replied to Dragos's topic in Stiri securitate
America, the land of all possibilities.
-
Facebook users will soon have a new way of knocking spammers out of legitimate accounts. The social-networking company is rolling out a new security feature that lets users see which computers and devices are logged into their Facebook accounts, and then removing the ones that they don't want to have access. The move addresses a growing problem on Facebook. Spammers use fake phishing sites to trick Facebook users into entering their usernames and passwords, and then they use those credentials to send spam messages to as many Facebook friends as possible. This type of spam is often very effective because it looks like it's coming from a trusted source (a Facebook friend), and security experts say that many spammers have now developed automated programs that log into stolen Facebook accounts and send spam. Just last week, scammers used hacked Facebook accounts to spam Facebook users with bogus Free iPad offers. In addition to knocking out spammers, this new feature also gives users a way of logging out of machines that they've recently used -- a library computer or a friend's mobile phone. Not everyone will be able to use this new feature immediately, as it's being rolled out "gradually," Facebook said in an e-mail message. Users who have been granted the login control feature can see it by going to Account Settings and then looking for it in the Account Security Section. There, they can see the different computers currently logged into Facebook, which browser and operating system they use and -- based on Internet Protocol information -- a guess at where they are located. With the click of a button, the user can "end activity" on any of these sessions. Someone whose account has been hacked could use this information to confirm that her account had been compromised and then reset her password. "It provides you with a visual indication of which devices currently have sessions open with your user profile," said Andrew Walls, research director with the Gartner analysis firm. The feature is a follow-up to a login notification feature that Facebook introduced last May, which alerts users when different devices log into their accounts, he said.
To boost security, Facebook adds remote logout | ITworld
-
The list of unusual events connected to Facebook seems to grow from one day to the next. The latest incident that can be added to this list took place in the USA, in the city of Detroit. Hadley Jons was a juror in a trial, and during deliberations decided to update his Facebook status with a statement along the lines of: "it's going to be fun to tell the defendant that I found him guilty." Only the defense attorney, Saleema Sheikh, who came across the status by accident, did not find it so funny. She went straight to the judge presiding over the case, and Hadley Jons was immediately removed from the jury. And that is not all. Jons is now on the other side of the courtroom, having been charged with contempt of court. How many of the jurors handling his case will have fun declaring him guilty!
A juror announced a trial's verdict first on Facebook | Hit.ro
-
If Facebook can, why couldn't Apple as well? Steve Jobs presented today, at a press event, an entirely new product for the Cupertino company: a social network. Ping comes integrated into the latest version of the iTunes software and, like Facebook, Twitter or MySpace, lets users build friend lists, create detailed profiles or share their passions. In addition, the new social network is focused on music, so users can put together lists of their friends' musical preferences, of the concerts they will attend or of their favourite artists. According to analysts at the research firm CCS Insight, the new service is an "ambitious move" that will be a challenge both for MySpace and for the other social networks. "MySpace needs to analyse what this launch means for them. They will probably soon have a strong competitor in Ping. They will have to find a way to differentiate themselves, because most users buy their music from Apple, and Ping comes as a natural extension," said Michael Gartenberg, partner at the market research company Altimeter. The MySpace network mainly attracts musicians, who use the site to share their own music and discover other artists. But its number of users has stagnated at 60 million, and many have migrated to other social networks, such as Facebook.
Ping - a new social network from Apple | Hit.ro
-
Symantec has teamed up with rapper Snoop Dogg to launch a cybercrime rap contest. Participants are invited to bust some rhymes on the subject of malware, hacking and botnets for the chance to win an all expenses paid trip to LA to attend a Snoop gig and meet his people, if not the rapper himself. Winners get a Toshiba laptop outfitted (inevitably) with Norton Internet Security 2011. Entry is only open to US residents. Would-be rappers are invited to submit a two-minute rap video to Hack Is Wack! Snoop Dogg's Anti Cybercrime Rap Video Contest Sponsored by Norton Symantec - HOME before the 30 September deadline. The winner will be selected on the basis of "originality, creativity and message". In the meantime the contest is being promoted via Facebook and a dedicated Twitter feed already offering nuggets of wisdom such as "dk man, iz it this spiff or iz @RealWizKhalifa from rollin 20's snoop hood lmmfao. #blackandYellow #dj #bbm". The exercise has the laudable aim of raising awareness about cybercrime but we can't help fearing the musical results are likely to be dire. When corporate giants team with musical stars to appear "down with the kids" the results are seldom edifying. Unfortunately early entries to the HackIsWack contest, which launched on Monday, fully vindicate these fears.
Symantec and Snoop Dogg launch cybercrime rap contest | The Register
-
Geographically mixed-up Algerian hackers made themselves look rather silly by defacing the website of an English stately home instead of Belvoir Fortress in Israel, their intended target. Cyber-jihadis from a previously unknown group called Dz-SeC commandeered the website of Belvoir Castle to post an anti-Zionist rant along with an image of the Algerian national flag. Belvoir Fortress was a Christian outpost during the Crusades, as explained in an Israeli government run-down on its history here. Belvoir Castle, a Royalist stronghold during the English Civil War, by contrast, is best known these days as the host of an annual teddy bears’ picnic. “We've nothing to do with the Middle-East," a Belvoir Castle spokeswoman told the Daily Telegraph. "I just help to organise the teddy bears' picnic." "It does make more sense that they meant to target the fortress in Israel rather than the castle in Leicestershire,” she added. The defacement has been expunged and the Belvoir Castle website restored to normal operation since the attack.
Cyber-jihadists deface home of teddy bears' picnic | The Register
-
Federal prosecutors have uncovered a scam that used tens of thousands of cloned cellphones to defraud Sprint out of $15m in lost long distance revenue. The operation dates back to at least the latter half of 2009, when cellular customers began complaining that they were billed for international calls they didn't make, according to court documents made public on Wednesday. When Sprint employees looked into the matter, they discovered that many of the calls were made from hundreds of miles away from where the customers lived and within minutes of other calls made from the customers' homes. Eventually, the Sprint investigators discovered that electronic credentials belonging to “tens of thousands of its customers” were used to make international calls that would have cost $15m had they been billed at the going rate. What's more, many of the defrauded customers' online accounts were breached so that changes could be made to passwords, international calling features and other settings. The fraud came to light in a criminal complaint that accused nine Sprint employees of illegally accessing customer accounts more than 16,000 times between January and June of this year. Among the information they took were the MSID, or mobile station ID, and the ESN, or electronic serial number, that are used to uniquely identify each handset on the Sprint network. By plugging the credentials into new cellphones, people were able to make phone calls that were charged to the accounts of the defrauded customers. The complaint didn't identify the cellular carrier, but Sprint officials confirmed the fraud after its name came up during court hearings on Wednesday. “Sprint regularly monitors and works aggressively to identify and respond to fraudulent activity,” Sprint said in a statement. “The company has been assisting authorities in this case. 
Should a Sprint customer notice this sort of suspicious activity on their account, we would encourage them to contact our Care representatives for assistance.” Sprint has credited the defrauded customers for the value of the calls, a press release from the US Attorney in the Bronx, New York, said. Based on the allegations, the employees charged appear to be low-level operatives who used their access to Sprint's customer database to supply the credentials to people higher up in the scam. One defendant, Tampa, Florida-based Princetta Dorisma, said a co-worker approached her and offered $1,000 in return for information associated with a range of phone numbers, according to the complaint, which was filed in US District Court for the Southern District of New York. Dorisma received two payments of $500 in exchange for sending the customers' names, cell phone numbers and ESNs associated with each number to an email address specified by the co-worker. The other defendants named in the complaint are Pedro Rodriguez and Johnny Santana, who worked at Sprint stores located in the Bronx; Luis Abad, Mathews Angel, Francis Lopez, and Luis Orriols, who worked at a store in North Bergen, New Jersey; and Lesly Esquea and Jacklin Volny, who also worked at a store in Tampa. They are each charged with one count each of conspiracy to commit wire fraud, access device fraud and aggravated identity theft. If convicted on all counts, they face a maximum of 32 years in prison, in addition to fines.
Feds crack phone clone scam that cost Sprint $15m | The Register
-
Microsoft has released a software tool that helps system administrators protect PCs against a critical class of vulnerabilities found in more than 100 applications from a variety of software makers. The FixIt Tool works only on machines that have already installed the workaround Microsoft published last week. The latest point-and-click release is designed to make the previous workaround easier to use and fine-tune a variety of settings that will ensure compatibility with applications such as Outlook 2002, members of the Microsoft Security Response Center said. The so-called DLL hijacking threat stems from default behavior when Windows tries to load dynamic link library files used by applications that run on top of the operating system. When the current working directory is set to one controlled by the attacker, it's possible to force the OS to execute a malicious file. More than 100 applications made by Microsoft and third-party software makers have been identified as being vulnerable, including Mozilla Firefox and Thunderbird, PowerPoint, Opera and drivers for Nvidia graphics hardware. Microsoft has yet to confirm which of its applications are vulnerable. A spokeswoman from Mozilla contacted last week didn't have a comment, either. MSRC's Jonathan Ness and Maarten Van Horenbeeck said that the vulnerability doesn't allow a drive-by attack in which users can get exploited simply by visiting a malicious website. Nonetheless, they said the threat is real, especially for users in settings where Windows file sharing and other advanced networking options are used. “Unfortunately, based on attack patterns we have seen in recent years, we believe it is no longer safe to browse to a malicious, untrusted WebDAV server in the Internet Zone and double-click on any type of files,” they wrote. “We recommend users only double-click on file icons from WebDAV shares known to be trusted, safe, and not under the control of a malicious attacker,”
Microsoft releases FixIt for critical flaw in 100 apps | The Register
-
Cheeky scammers are offering prospective marks an application that supposedly shields them from exposure to survey scams. Naturally, you first have to fill in a survey to install the script, which is punted through Userscripts(dot)org. Odds are that even after jumping through these hoops users will still be exposed to surveys and, possibly, left at a heightened risk of malware infection. "'Only install scripts from sources you trust' is on the install box for a reason," security researcher Christopher Boyd, of GFI Security, notes. Boyd's write-up of the scam can be found here. Survey scams are becoming increasingly common on social networks. Scammers (affiliates) profit from wasting surfers' time with the Web 2.0 equivalent of email spam. Often the spammers attempt to hoodwink users into signing up to premium rate SMS services. A study by F-Secure, published last week, took advantage of the web analytic tools used by scammers to investigate the response rates of survey scams. For example, one recent social network spam run, themed around McDonalds, attracted 32,000 clicks, and a conversion rate of 40 percent. F-Secure notes that these sizeable figures are lower than those pulled in by earlier scams. A survey scam that used supposed footage of a teacher beating a disobedient student pulled in 140,000 hits six weeks ago, for example, because users are getting wise to the ruse. "The 32,000 clicks is far less than similar spam from just two months ago when we saw several examples of viral links that yielded hundreds of thousands of clicks," writes Sean Sullivan, a security advisor at F-Secure. "Returns are diminishing as people are exposed, develop a resistance, and recognise Facebook spam for what it is." Despite increased user awareness, however, it's unlikely that survey spam scams will disappear anytime soon, F-Secure warns. "Social networking spammers don't need to dupe very many people in order to be rewarded for their efforts," said Sullivan. "Many of the surveys lead to SMS subscriptions (particularly outside of the USA) and there's good money to be made. "And because the conversion rates are better than e-mail spam, you can be certain that it won't be going away any time soon."
Survey scammers serve up supposed shelter from survey scams | The Register
-
Russian police have arrested 10 suspected members of a ransomware gang who allegedly made millions via a locked computer malware scam. PCs infected by the WinLock Trojan at the centre of the scam were rendered unusable because the malware disabled key Windows components. More embarrassingly, pornographic images were displayed on compromised machines, IDG adds. The crooks claimed the damage could only be undone by sending premium rate SMS messages at a cost of between 300 rubles ($9.72) and 1,000 rubles. Tens of thousands of victims, mostly in Russia, were hit by the scam, Host Exploit reports. Web users in Ukraine, Belarus and Moldova were also reportedly affected by the scam, which reportedly earned crooks as much as $16m in just one month. More commentary on the scam and cybercrime prosecutions in Russia can be found in a blog post by noted Russian virus-fighter Eugene Kaspersky here.
Russian cops cuff 10 ransomware Trojan suspects | The Register
-
Security researchers using hardware hacking techniques have unearthed generic flaws in supposedly ultra-secure quantum cryptography systems. The security of quantum cryptography hinges on using the fundamental properties of quantum physics for quantum key exchange. Any attempts to monitor this exchange would inevitably be detected as increased noise on the line and an abandoned data exchange. That principle remains solid and the attack, like others before it, relies on exploiting implementation flaws. This particular crypto-busting technique, which uses off-the-shelf but expensive hardware, relies on remotely manipulating a photon detector at the receiver's end of a supposedly secure link. Commercial systems from MagiQ Technology's QPN 5505 and ID Quantique Clavis2 systems were demonstrated as potentially vulnerable by a team of computer scientists from Norway and Germany. Researchers from Norwegian University of Science and Technology (NTNU), the University of Erlangen-Nürnberg and the Max Planck Institute for the Science of Light in Erlangen are working with manufacturers to develop countermeasures. The loophole - which relies on specially tailored bright illumination - is likely to be common in most QKD systems using avalanche photodiodes to detect single photons, the researchers warn. “Unlike previously published attempts, this attack is implementable with current off-the-shelf components,” explained Dr Vadim Makarov, a researcher in the Quantum Hacking group at NTNU. “Our eavesdropping method worked both against MagiQ Technology's QPN 5505 and ID Quantique Clavis2 systems.” The hack pulled off by the team is complex and might involve an initial outlay of $50,000 or more, potentially within the reach of industrial spies and certainly in the scope of intelligence agencies. 
Quantum key distribution systems became commercially available around five or six years ago and are used for the secure exchange of highly sensitive material by banks and governments, so a major up-front investment in equipment and expertise is certainly possible. The researchers have published their preliminary findings in a letter to the August 29 edition of academic journal Nature Photonics. An overview of the research, together with pictures of the hacking rig, can be found here.
Hardware hackers defeat quantum crypto | The Register