2 comments Tuesday, December 25, 2007

Weird! But true, this is how we celebrated our Christmas :)
515 km just to see sunset @ Dapoli

Pratik & Sabhtarsha came with this weird idea of seeing sunset at Dapoli beach (220km from Pune) and we all agreed to it.

The team included six people on three bikes. My thunderbird was not in a position for long rides :( so Avdhoot picked me up at 0800 hrs and we met at Chandani Chowk where Pratik, Sabhtarsha, Vineet & Pushkar were waiting for us.

We had our first stop for fuel and then straight headed for Breakfast @ Dhisa'a dhaba in Tamhini. The road we took to Dapoli was Pune-Tamhini-Mahad-Poladpur-Khed-Dapoli. Reached Dapoli by 1500hrs, had a HEAVY lunch, enjoyed @ sea beach and then headed to sunset point.

Enjoyed sunset @ 1800 hrs and started our journey back to Pune @ 1815 hrs. The return road we took was Dapoli-Khed-Poladpur-Mahabaleshwar-Pune. Road to Mahabaleshwar from Poladpur was real scary, there were only 3 bikes on the ghats, no traffic, no human being visible, cold weather and only moon light.

Took our dinner @ Mapro garden at 2200hrs, they were closing but we managed to get a few sandwiches and coffee.

Return journey from Mahabaleshwar was easy and straight as NH4 was not new for all of us & the road conditions were good. Finally we reached home @ 0100 hrs, exchanged "reached-home-safely" sms & ended our Christmas celebration. Not sure about others but here I'm writing this story and uploading snaps @ 0210 hrs :)

Our lower backs are aching like anything and we'll be having a wonderful ;) in office today (26th) for sure.

Some statistics
Riders:
Pratik, Sabhtarsha, Avdhoot, Rohit, Vineet
Absolute Pillion:
Pushkar
Bikes:
Pulsar 220, Pulsar 150, CBZ Xtreme ( :( no Thunderbird this time)
Total Distance covered:
515km
Total Time:
17hrs
Riding Time:
14hrs
Breakfast: Poha, Omelet, Tea
Lunch: KingFish fry, Pomfret fry, Prawns, chicken lollipop, (who cares what else was there)
Dinner: Mapro special sandwich & coffee
Photos: http://picasaweb.google.com/rohit11/Dapoli/

0 comments Friday, December 21, 2007


Here we are, organizing the 4th BarCamp of Pune



The team is little bit twisted this time, some oldies might not be physically available,
Atul & Anand shifted to US
Dibya is on the run again
Karthik is now in Bangalore

But no worries, I'm here with Kiran & Tarun. With few good people supporting like Anil & Ketan we'll be surely having a lot of fun.

See you there @ http://barcamp.org/BarCampPune4

0 comments Monday, December 10, 2007

OK, I'm back to my blogosphere now :)


I was busy doing the first Hackers' Convention of India by the name "ClubHack 2007"

The event was on 9th of December 2007 @ International Convention Center, Pune


12 quality speakers shared their knowledge with people. http://clubhack.com/2007/speakers.html


We saw a good crowd of technically smart people attending the event. The kind of interaction at the talks was really good.


We had a hard time collecting sponsors for the event because people thought the term "HACK" in the event name might have a mutilating effect on their brand names. Strange that biggies who understand the thing also think in the same way :(


Anyway, to break the mindset of people we had a senior police official attending the event. Our main member in the panel discussion was Mr Sanjay Jadhav, Deputy Commissioner of Police, who is currently heading state intelligence and was awarded as Cyber Cop in 2005.


Media was there to understand the whole scenario of hacking and ultimately gave a very good coverage. Here are a few links.



Hope all of you who attended the event enjoyed it. We'll try to make it bigger and better in future


Let's make security a common sense

0 comments Sunday, October 21, 2007


1 comments Monday, October 15, 2007

So finally I reached SJMSOM by 1130hrs & saw that my talk was scheduled at 1400hrs. Tarun created a good base before I reached by the catchy "gabbar" statement for my topic.

Was an OK experience all together but was sorry to see the missing punch of BarCamps. All the topics of the day were circling around "start-ups" & "web2.0" (Except a very few). Is this what BarCamp is actually meant for?

It would be great to see more variety of topics in future BarCamps

0 comments Saturday, October 13, 2007

Very true!
Attended MashupCamp yesterday in Pune & here I'm on my way to BarCampMumbai2.

Thought of trying the alternate mode of commute to Mumbai & hopped on "Deccan Queen" in the morning at about 0715. Man! this is a nice train. Much more comfortable than Volvo travel to Mumbai.

And above all, I'm connected. Thanks to Reliance data card, speed sucks but connectivity rocks :)

I hope to reach event venue by 1100hrs. Already informed Tarun to book my slot for the talk. From the BarCamp wiki, it seems like BCM2 is already a hit, registration count has gone above the expectation & people are still registering.

I hope this would be an interesting day.

0 comments Saturday, September 29, 2007

We all noticed a lot of noise on the CSRF attack recently unearthed in Gmail which is really dangerous & can cause harm to many other websites also. [1] [2]

So the question arises, What to do to be SAFE?
Here are a few alternatives, select one as per your convenience.

1) POP your mails: I'll again emphasize POPing the mail over SSL. This way you are not logging on to the webmail, so you are safe from such attacks; moreover you are on a completely encrypted channel, so even safer

2) Use multiple browsers: Try using a different browser for different activities. Say using IE for logging onto webmails & such sites, Firefox for non-login websites, Opera for another such set. No kidding, this is a good way to keep yourself secure

3) Use multiple profiles: If you are a die-hard fan of any browser & want to use only that, try creating different profiles (if it supports them) & fire up the browser in these profiles. Say a "Default" profile for general browsing & a "Safe" profile for webmails & other accesses where you use your passwords. You can even secure this "Safe" profile by disabling JavaScript & active components like Flash, Java applets, ActiveX etc.


Practise some secure tips to be safe on internet
Safe surfing :)

[1] http://www.gnucitizen.org/blog/google-gmail-e-mail-hijack-technique/
[2] http://www.rohasnagpal.com/blog/2007/09/27/can-your-gmail-account-really-be-hacked/

0 comments Friday, August 17, 2007

0930: Good morning!, Here we are with yet another BarCamp. This one is specialized into training & video casting of tutorials.

0945: People are still coming. Not a very big crowd though. Now this is the actual crowd who comes for Camp & not for the free t-shirt. This time we have not kept any free t-shirts :)

1000: Freeman has put up the story board & speakers posted their timings. I'll be speaking @ 1200. Freeman is about to start the intro session.

1010: Freeman gave a brief intro & guidelines on how to start the session & get it recorded.
Hey what's this, general discussion taking a turn towards ease of use of Linux & people are emphasizing on teaching people how to use it. Not bad!

1040: After a healthy discussion on coding practices, IDE vs text editors to write code etc. we are now ready to go with first session on Google gears by freeman

1045: Session Starts - Google gears in bigger room.

1110: That was a short & sweet session by Freeman on Google gears, a brief intro to the subject


1115: Rakesh Raju is giving session on 3D game development. An interesting tutorial for those who want to make their own games.

1140: Amit Karpe started his session on Drupal. He is giving a brief intro on how someone can start a website with point & click installation and get a powerful CMS. In the other room, Narayan is letting people know how they can do testing using a tool called SAHI.

1210: Ok, my session on safe netizen is about to start in another 5 minutes and lunch will be served after that. In the smaller room we had 2 sessions on KDE dev tools by Ashish & software routing in FOSS by Vaibhav. I wish I could have attended these, but I was busy scaring people with password thefts

*******LUNCH*******

1400: It feels good to blog once your stomach is full & people have appreciated your talk.
My talk was on how to do safe browsing & what to do when you see a certificate error.

1410: Post lunch session in smaller room is on Ketchlab by Parth Bakshi & in the bigger room Priyank is taking a session on DOJO & JSON. Oh God! there is so much to learn in this internet world :).

1440: The next session in my room is on accessibility by Krishnakant, can you believe this guy is visually impaired and a master of Linux. He gave an eye opening session on software accessibility using ORCA. While we were busy listening to Krishnakant, in the other room Rohas gave a demo on Facebook API. I wanted to attend that but ORCA kind of held the attention & I forgot about facebook.

1530: Accessibility session pulled long & people enjoyed it a lot. We had a small tea break & gathered again for the remaining sessions

1600: Aah! after getting caffeinated Amit started his tutorial on Joomla & A Jain on fundamentals of AJAX. Unfortunately I didn't attend any one of these. Kinda tired man!

1630: Nearly done with all the sessions. Last 2 are still going but I'm out of it.

1700: Finally all done, pack up boys!

Yet another successful camp
Thanks to Freeman, co-organizers, volunteers & all the campers.

0 comments Friday, August 03, 2007

When I saw few images of fancy laser keyboards online & the flexible keyboard in "Die Hard 4.0" and Yahoo! store online, I made up my mind to get my hands on the same.

My friend Rohas Nagpal brought me the same on his recent trip to Singapore & I had a nice time playing around with them.

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

The flexible keyboard as seen in "Die Hard 4.0"
# It's a nice rubber keyboard which can be rolled up and stored in very little space
# Space between keys is a little more, which makes it a little difficult to type fast
# The keyboard comes with a USB connector & a complimentary PS/2 converter for desktop users
# To get the feel of typing people need the essential push back feel from the keys. This keyboard gives you that feeling.
# Good to use for fun & in emergency (as in the movie)
# Not a good thing for general use, not comfortable at all.
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-


The virtual keyboard
# Wow it looks cool!

# For me it didn't work with the Bluetooth stack of XP SP2. Didn't pair at all
# Tried orchid bluetooth with Bluesoleil, it paired but didn't work as expected. I pressed ALT+TAB & my system went for a toss, it got into an infinite loop of TAB & control kept moving away from buttons, windows, forms, start button etc. Even after plugging out the bluetooth dongle & turning off the VKB. Had a very hard time trying to reboot my PC. Finally after a reboot things got settled.
# The laser glow is not at all ergonomic, the glow & reflection hurt your eyes very soon
# You have to have a plain non-reflective surface for this to work
# It's fun to beam the keyboard on weird surfaces & see patterns
# The essential push back feel is not there
# You end up hitting the surface with your fingertips, not ergonomic again.
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

IMHO
Both the keyboards
Good to see, good to show off. But not for use for more than 15 minutes

0 comments Tuesday, July 10, 2007

[The Policy I follow]

This policy outlines how I try to handle responsible disclosure of a vulnerability to the product vendors, security vendors and the general public.


Step 1: Vulnerability detected

Step 2: Inform the vendor of the product or the service formally through email to the following mail accounts/aliases
security@VENDOR,
support@VENDOR,
info@VENDOR,
secure@VENDOR,
admin@VENDOR,
sysadmin@VENDOR

Step 3: Wait for vendor's acknowledgement for 5 working days

Step 4: If the vendor fails to acknowledge initial notification within 5 working days, I contact the vendor for second time using mail & other publicly available contact medium such as phone or fax

Step 5: If a vendor response is received within the timeframe we (vendor & me) wait for a reasonable period of time to develop a fix. I make every effort to work with vendors to ensure that they get the technical details and severity of the flaw detected.

Step 6: Once the patch is ready & released within a responsible timeframe, with the consent of the vendor I will formally and publicly release its security advisories on selected security mailing lists & other forums.

Consent of the vendor for disclosure is important as a few vendors do not like to get their vulnerability publicized as it may affect their reputation. Respecting their feelings, I get the consent from the vendor & then publicize the flaw

0 comments Saturday, July 07, 2007

Here we are organizing the third sequel of BarCamp in Pune
A deferred live report :)

0845: Reached Persistent Tower. As I entered the building the first thing I noticed was Kiran running around managing posters. This guy was the man behind the success of BarCampPune3.

0850: Started the day, managed a few posters & then moved to check registration desk @ 7th floor. Few volunteers were already there. Had the first look at the T-shirts which flew in from Bangalore in the morning only. Nice t-shirts, thanks thoughtworks

0900: People started pouring in, thank god it’s not raining at this moment. Registration started. People registering their laptops, putting stickers, admiring t-shirt, moving over to storyboard for planning their sessions

0945: Campers still coming, no session for 1000, planning to move 1045 session to 1030 & start the event.

1000: Almost everybody is done with the breakfast. Wandering around, planning for which sessions to attend.

1015: Welcome & brief intro by Hrishikesh. Good to see that crowd in Pune have started understanding barcamps & unconferences. They know what they are here for & what to expect.

1030: started the first session on 4th floor. Organizers still managing stuff on 4th floor & 7th floor. Kiran & Jatinder jotted down the whole storyboard & got printouts for every camper

1045: I got time to reach one of the sessions, sat for few minutes in TVguide.in by Rakesh Raju. Nice concept.

1050: Showed the first placard of "10 min left" to Rakesh, followed by "5 min left" & "time up". We learnt this from Tarun at BlogCamp. This really helps managing timing of sessions

1115: Same room, Aditya starting (although with few hiccups) on MS Silverlight. Good talk Aditya

1145: finished Aditya's session with "time up" & moved to 7th floor for some discussions

1245: People gathering @ 7th floor for lunch. PSPL canteen had arranged very nice food but pure veg :( There was a sign board sitting next to the sweet dish "One Helping Only". Funny, but don't worry, it’s a BarCamp & people know what they have to do.

1330: One table full of BarCamp organizers. Atul, Anand, Jatinder, Anil, Harshal, Tarun, myself, Karthik, we are missing you Dibya! Nice time to decide future camps (I know we are yet to finish this one)

1400: Started a new thread in discussion room on 1st floor with Rohas Nagpal telling people about how to setup a tech company in US/UK/Singapore.

1402: The first announcement about ClubHack. Thanks Atul for your loud voice to catch attention. We announced the next big event ClubHack & noticed that people were quite excited about the same.

1430: Waved "5 min" sign to Rohas & moved to 4th floor to announce ClubHack in other rooms

1445: All announcements done, now attending the session on LifeLogger by Anand. Andy you do such complex thing???

1515: I didn't want to show the time up thing to Anand as he was from my own team, but can't help it. Thanks to everyone no one got offended (hopefully) & managed the sessions properly.

1530: Same room attending session by Freeman on OpenSource Education. You are doing a great work Freeman.

1600: Snax time! I wonder why the tomato sauce was kept in such a big vessel, many people misunderstood it for soup :)

1630: Session on Firefox addons by Vinod. I tried learning these things many times :). Helpful session Vinod, but I’m not sure when I’d start writing my own addon

1715: All organizers gathered in lobby. Discussed how many tracks they were able to attend. Hey look at this, even I got a chance to attend 5 and half sessions. I know it’s a big count when you are also in the organizing team. Thanks to PSPL for such a nice arrangement.

1730: Another session about to start but not feeling like attending it. Started winding up stuffs

1800: Had to barge in last session and request Amit to end his session on web2.0 powered by PHP. Sorry guys but need to finish off stuff in time.

1830: All organizers sitting in the beautiful lobby of PSPL relaxing after a successful day, 07/07/07 was really a good day for us.

1900: Packup & go!!! hope to see you all in next camp / ClubHack.

I know Atul & Anand will be moving to US soon, but I’m sure we'll get their assistance from remote. After all it’s a digital world.

0 comments Monday, June 18, 2007

A funny incident happened in BlogCampPune a few days back

There were 4-5 guys (read GEEKS) standing & chatting with few cute babes.
While the conversation was going on, a guy came from back & said
"hey, my CSS is not working fine in IE6, its working in IE7 & FF"
Guess what, suddenly everyone turned their back to the girls & started suggesting this dude about how to solve his problem

The girls were non-technical & were taken aback by the incident. I think they even felt bad & one geek understood it, he turned to the girls & explained to them
"This a typical geek behavior dear, don't feel bad"

Isn't it actually geeky :)

0 comments Thursday, May 03, 2007

Yes you read it right - No steganography software

So here is a quick howto on doing image steganography with common tools, no specialized software.

1: Compress the file you want to secure (I tried both rar & zip), say secure.zip
2: Take the image file which you want to use, say image.jpg
3: Run the following command
copy /b image.jpg + secure.zip hidden.jpg
4: Double click hidden.jpg & you'll see the original image
5: Open the file in archiving utility (I tried winzip & winrar)
6: It will open the content of original secure.zip

Analysis
The copy command copies the content of both the files, one after the other, into a third file
The third file starts with the header of an image & even the extension is of image, so the OS (tried KDE & GNOME in case of Linux) interprets it like an image & shows the image, that too without any distortion or noise in the image.

/b option indicates binary operation & takes care of any possible goofup.

PoC
The image on the left is the original image, whereas the one on the right is with hidden content; try opening it in any archiving software.
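
A defender-side check for the trick above, as an added example that is not part of the original post: ZIP readers locate the archive from the end of the file, which is why hidden.jpg still opens in an archiver, so this check walks the JPEG segments to the real end-of-image marker and reports any archive data after it. The function names and the sample bytes are constructed for illustration.

```python
import io
import zipfile

# Signatures of the archive types the post tried (zip and rar).
ARCHIVE_MAGIC = {
    b"PK\x03\x04": "zip",        # local file header
    b"PK\x05\x06": "zip",        # end of central directory (empty archive)
    b"Rar!\x1a\x07": "rar",
}

def jpeg_end(data: bytes) -> int:
    """Offset just past the real EOI marker, found by walking segment lengths so
    an FFD9 inside a payload (e.g. an embedded thumbnail) is not mistaken for it."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG: missing SOI marker")
    pos = 2
    while pos + 2 <= len(data):
        if data[pos] != 0xFF:
            raise ValueError(f"expected a marker at offset {pos}")
        marker = data[pos + 1]
        if marker == 0xFF:                       # fill byte before a marker
            pos += 1
        elif marker == 0xD9:                     # EOI
            return pos + 2
        elif marker == 0x01 or 0xD0 <= marker <= 0xD7:
            pos += 2                             # markers with no length field
        else:
            pos += 2 + int.from_bytes(data[pos + 2:pos + 4], "big")
            if marker == 0xDA:                   # SOS: entropy-coded scan follows
                # In a scan, FF00 is a stuffed byte and FFD0-FFD7 are restarts.
                while pos + 1 < len(data) and not (
                        data[pos] == 0xFF and data[pos + 1] != 0x00
                        and not 0xD0 <= data[pos + 1] <= 0xD7):
                    pos += 1
    raise ValueError("truncated JPEG: no EOI marker")

def find_appended_archive(data: bytes):
    """Return details of the data after the image, or None if the file ends at EOI."""
    end = jpeg_end(data)
    trailer = data[end:]
    if not trailer:
        return None
    hits = [(trailer.find(m), k) for m, k in ARCHIVE_MAGIC.items() if m in trailer]
    kind = min(hits)[1] if hits else "unknown"
    members = []
    if kind == "zip":
        try:
            members = zipfile.ZipFile(io.BytesIO(data)).namelist()
        except zipfile.BadZipFile:
            pass
    return {"offset": end, "size": len(trailer), "kind": kind, "members": members}

def constructed_samples():
    """Constructed bytes: a marker-level JPEG skeleton (not a viewable image) and
    the same bytes with a zip appended, as `copy /b` would produce."""
    jpeg = (b"\xff\xd8"                          # SOI
            b"\xff\xe1\x00\x06\xff\xd9AB"        # APP1 with a decoy FFD9 in its payload
            b"\xff\xda\x00\x04\x01\x02"          # SOS header
            b"\x12\xff\x00\x34\xff\xd0\x56"      # scan data: stuffed FF00 and RST0
            b"\xff\xd9")                         # EOI
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("secret.txt", "constructed payload")
    return jpeg, jpeg + buf.getvalue()
```

To scan a real file, pass its bytes to find_appended_archive; a non-None result on an image coming from mail or an upload form is worth a closer look.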

0 comments Wednesday, April 25, 2007

I just got my office scanned for software inventory using a tool called Belarc Advisor. While going through reports I wondered how easy it can be for anyone to get the license key of any software using a Belarc report & Google

Just try this search & you'll get to know by yourself

http://www.google.com/search?hl=en&q=intitle%3A%E2%80%9DBelarc+Advisor+Current+Profile%E2%80%9D


Scary, very scary...

0 comments Sunday, January 21, 2007


Apart from the reason that black is my favorite color, I found yet another reason for background of my site & blog to be black in color

# Black pages are more ergonomic
# Black background saves energy (more in case of CRT than LCD)
# Black is my favorite color
# Black is a nice movie (India);)

0 comments Friday, January 05, 2007

There are two Indias in this country.

One India is straining at the leash, eager to spring forth and live up to all the adjectives that the world has been recently showering upon us.
The other India is the leash.

One India says give me a chance and I'll prove myself.
The other India says prove yourself first and maybe then you'll have a chance.

One India lives in the optimism of our hearts.
The other India lurks in the skepticism of our minds.

One India wants. The other India hopes.
One India leads. The other India follows.

These conversions are on the rise. With each passing day more and more people from the other India have been coming over to this side. And quietly, while the world is not looking, a pulsating, dynamic new India is emerging.

An India whose faith in success is far greater than its fear of failure. An India that no longer boycotts foreign-made goods but buys out the companies that make them instead.

History, they say, is a bad motorist. It rarely ever signals its intentions when it's taking a turn.
This is that rarely-ever moment. History is turning a page.

For over half a century, our nation has sprung, stumbled, run, fallen, rolled over, got up and dusted herself and cantered, sometimes lurched on. But today, in our 60th year as a free nation, the ride has brought us to the edge of time's great precipice.

And one India - a tiny little voice at the back of the head - is looking down at the bottom of the ravine and hesitating.

The other India is looking up at the sky and saying it's time to fly.


http://www.indiapoised.com/

Watch videos @ http://www.indiapoised.com/video2.htm