Sunday, July 29, 2007

online security ....

DISCLAIMER:
following entry is written with the intent to warn the users to be cautious while providing their sensitive information like credit card details while shopping online. all the analysis and judgement is absolutely based on my "current" knowledge about the whole concept and the readers are requested to make decisions based on theirs.

just few weeks back i was trying to book a movie ticket online and i realized that the site was not secure enough to provide sensitive information (credit card details). i realized that the form was being submitted over plain http instead of secure (https) protocol. my obvious attempt was to manually hit the https version of the URL but it failed. it took me back to the http form. i had to back off the booking plan .... i just prefer to play safe .... not that my credit limit is too high ;) but why take a chance. the theater was one of the reputed ones. i was really surprised coz it had the "Verisign Secure Site Safe Scrypt" logo on it. i clicked on the logo just to verify things, it led to some auto-generated page for that site which said the site was authentic so that i was guaranteed that the receiving party (for the card information) was the one to whom the site belonged to. but it had some clause at the bottom which said "All information sent to this site, if in an SSL session, is encrypted, protecting against disclosure to third parties." what it implies is that if its not over SSL, you may not be guaranteed security against eavesdropping. that is very convenient, isn't it? this is obviously my interpretation of the statement and everything else is based on this "assumption".

it is pretty much scary just to imagine that your sensitive information is going in plain text over wire. on second thoughts, i thought probably they must've used some new kinda technology which would encrypt and send even though it appeared to be plain http. i also thought that it could be the case of http upgrading to https (thats possible with http 1.1 though i could not entirely understand how it works) but then i tried submitting the form .... still there was no sign of https.

the only option left was to try capturing the raw packets just before they leave my machine. i verified that the information was going unencrypted by capturing few packets using a packet sniffer. well i wasn't much surprised to see the information flowing in clear text in the request packet .... i was expecting it, but just wanted to make it sure. its really very dangerous. i immediately sent mail to theater authorities but there was no response. as far as the logo(certificate of authenticity) issuing authorities are concerned they have clearly mentioned that if not over SSL, it may not be safe. now usually anyone wouldn't look into details once we spot the security logo. but then its our mistake that we simply assume that everything is safe.
also i feel that the authorities should have issued certificate of genuine party / authenticity but safe scrypt could be misleading.

well is it the user , is it the certification/ logo authority or is it the theater authority to be blamed ... im not sure but the user would surely suffer if somebody exploits such flaws.

so before you provide such information, always ... always watch out for
1) https protocol
2) certificate information (giving public key of the party)
just to make sure its safe, at least going in the encrypted form.


- signing off
ameyas7

Sunday, July 15, 2007

google on my cell ....

no no no this is not yet another google oriented blog (actually even the earlier one wasn't but if u felt so :p)

ohh before you begin reading this entry, FYI ... i changed my blog template so now you can listen / watch any song from my playlist (its just few of my fav picks) while you read this space. i wanted to put this at the end of the entry but.... by then you'd almost be done with it so you wouldn't be able to enjoy the songs :) n hey i've also added "track your visitor" map at the end of the page. so now even if you dun put a comment i can see traces ;) its kool isn't it?

recently i downloaded google maps for my cell. its really kool. especially for ppl like me who lack road sense ;) ye i have hard time figuring out roads n maps not that im a traveller but even the city alleys can be confusing considering im still new to pune :) so hopefully this will make life easy. hehehe although i wont be using this thing often as i can afford to get lost n pay for the cab than to see those GPRS bills ;) lol just kidding. but this is really cool stuff. using *i-fi makes you feel good. i still remember i bought my old nokia 6610i with an intent to develop some j2me apps but that was way back in 2004 but unfortunately i cud not really nurture the idea. n today i have a much better cellphone but i still lack the dedication to make productive use of it. anyways someday ill write my own utils. as of now lets jus download n hav fun :D

just when i was finished with google maps exploration, i started searching for random apps / utilities and i found whole bunch of them. i found small utils right from some office apps, converters bla bla bla to some hacker stuff like discharging the cell battery, using the light to dim-bright n exploit the battery. of course i did not try those as my cell is too precious to test all these nifty little utilities ;) if u wanna try, lemme know ill pass on the URL. (disclaimer: try this at your own risk) even today i dont own a 3G phone but EDGE works for me. not all that bad. so if you are checking the real-time satellite images in the google maps it may take a while before it actually shows up but that's ok.

this mobile market is goin crazy. especially with such a HUGE customer base in asian countries, all the n/w providers are making loads of $$$$. imagine countries like india, china, japan singapore, malaysia they can provide GREAT market potential. that is why you can see all biggies entering this segment already. even yahoo has launched Yahoo! Go. you can expect some tie-ups with the mobile manufacturing companies. you wouldn't even imagine the amount of money these telecom providers make just with those stupid SMS to some 4 digit shortcodes for some contests, votes etc. well lets keep all that aside considering the positive aspect that its helping (contributing) in lot of other ways including economical growth.

yesterday i saw Die Hard 4.0 ... what was that? i mean c'mon have they started imitating bollywood ? hehehe. seriously it started out pretty well. it was all about cyber attacks into the public services. it wasn't all that unrealistic but later on it completely turned into the typical dumb movie. pretty sad huh. it was good to see F35 take off ;) but the whole concept was stupid. F35 tracing a VOLVO truck wow looks like choppers do not excite the general public anymore .... action effects are good but again some are really illogical. there was some guy who was even swifter than spiderman lmao. why cant we have some intelligent action movies. keep it simple but logical.

well thats all for the action this week ;)

- signing off
ameyas7

Sunday, July 01, 2007

garaj baras saawan fir aayo ....

well this week was a little hectic @ work. but it certainly ended in a pleasant way.

saturday morning i was reading this book called "Good to Great" by Jim Collins. this book is based upon various case studies performed by the research team consisting of top graduates from B-schools and the author himself. i'm not really fond of reading books but i have enjoyed case studies, philosophical, management related text. well this book was lying with me for almost a year and a half now but never thought of turning the coverpage :) actually i got this book as a prize for being a topper in the ITP training programme at Tech Mahindra. just few days back we had Tom Kendra visiting Symantec's India center and his talk sounded on the same lines of this book (i had read few pages just when i got the book and i could easily relate things almost instantly) . it created a spark and finally i'm reading it. i'm not done with the book yet. might write a separate entry on it after i finish. the electricity went off in the noon and i had nothing to do so i was just passing the time by playing games, listening to songs on my cell.

at around 2 pm ijoe called up and told me that lets go out. we had absolutely no plans where to go but we just wanted to do something. jassi and hari had also come. ijoe and jassi were my NCST mates whereas hari lives in ijoe's apartment. it was raining heavily and we wanted to enjoy the rains and the obvious way was to go on a bike ride. so we started at around 2:30 pm. just 5 mins away from our place near shoppers stop we found that the LBS road was closed , the mall was flooded with water and they were actually using the pumps to get the water out as fast as possible. unfortunately the other side of the road was lucky and was not blocked. so some people actually smashed the divider and let the water flow on the other side. we also saw 1 maruti zen slipped into gutters. looked like the driver could not see the boundaries of the road, gutter or not sure what went wrong there but they had called for fire brigade to rescue.

while some people were stuck at various places, some were trying to reach home as early as possible, we were out enjoying the rains and we decided to head towards the cyprus (near yogi hills) just about 15 mins away. when we reached cyprus, loadsa ppl were on the road enjoying the climate. it was a nice experience. we had vada-pav and then we decided to climb up the hills. this is the same hill which separates the mulund-thane area from the western suburb borivali. you can also see The Sanjay Gandhi National Park sign boards in this area. we reached the first level of the hill. this is a place from where one can get the hilltop view of major parts of mulund-thane. now they have made an official base like structure so even civilians visit this place often and is quite easy to reach here. the view was damn good and the rains just doubled our joy. i wish i had a waterproof camera so i could share pics coz im really not that good at describing things. it was good but we wanted more :) so we decided to climb up some more (to the 2nd level as we called it) it was little difficult .... sort of small trekking experience. but it was worth it. we could see all the greenery and not just the concrete jungle. it was really good. we had 1 more level to make it to the very top but we left it for some other time sake :) rain started slowing down n so was our enthu level. we slipped 4-5 times while getting down, there were no injuries but climbing part was comparatively easier. we got down, had another round of vada-paav and cutting chai then we decided to go towards airoli-vashi side. we were completely drenched already. i mean we have been enjoying rain since almost 2 hrs now n still we were feeling the rain showers hittin us on the way to vashi. it was pretty chilled. climate was good we could see some part of nahur village (near the eastern express way) all drowned under the water. the rain drops were hitting our faces so hard but we were still enjoying it.
then we reached airoli n some took a halt for 10-15 mins on some newly discovered road. we had a chit chat for while then we headed back. i finally reached home around 5:30 pm, hit the showers, had another hot cup of tea. felt sooooooo good :)

evening was nothing special. just watched TROY and went to sleep. got up late today. it was still raining. it just wont stop. there was no electricity today as well for quite some time. not sure whats the problem these days but apparently the power shedding has been stopped.
saw 300 today evening. these movies have their own charm. i have already seen it in theaters but still enjoyed it again. great leaders, great men and great skills. it is quite interesting to learn about the ancient war techniques. they all had their own unique style. discovery has showcased many shows on this topic.

offnote iPhone was launched this Friday and im sure it must've sold million pieces already. its definitely on my wishlist, so if you don't know what to gift me for my b'day, heres a hint :p (in your dreamsssss ...ohhh i could hear that) ye ye i am too sleepy already. hopefully it doesn't rain tomorrow morning. i have to catch intercity @ 7:15 am. i dun wanna miss that else it becomes hectic and definitely not a good way to start a new week.
phew ... too many things packed in one entry :) but can't help. i get to blog only on weekendz.
thats all for now.


- signing off
ameyas7