Archive for 2010

[hackersmag] Weak Excuses after Weak Security :: Mozilla’s user a/c on Public Server

Posted in AbhishekKr, Blogroll, security with tags , , , , , , , , on December 29, 2010 by abhishekkr

@ [29-Dec-2010]

Weak Excuses after Weak Security :: Mozilla’s user a/c on Public Server

On Dec-17-2010, Mozilla was reported about availability of its user-accounts (partially, which were used on over a public server.

They have projects like Firefox (super famous web-browser), NSS (one of the most famous libraries for developing secured client-server application), and more… if an organization like them do a mistake like this, oh yeah… hackers paradise

it’s how they defend themselves…
database included 44,000 inactive accounts using older
but don’t you think… even inactive users on a site deserve their privacy, and if they were inactive and not important then……….

…click here to read full blogPost

[hackersmag] bypass user level restrictions, bug-case in ‘’

Posted in AbhishekKr, ABK Labs, security with tags , , , , , , , , , , on December 21, 2010 by abhishekkr

@ [21/Dec/2010]


access-video@Vimeo: [view/download original nice resolution video here]

bypass of user level restrictions, a case of bug in ‘’

So, here is a bug (which  has now been fixed) in… that allowed users to get a local copy of documents which were devoid of download and print options.

It’s how layered limitation can be broken, and why restrictions must be implemented root-level-up and not just as user-level module.

…click here to read full blog-post and view real-case video

[] GitHub’s “purely artificial and poorly intelligent” A.I.

Posted in AbhishekKr, Blogroll with tags , , , , , , , , , on December 20, 2010 by abhishekkr

@ [20/Dec/2010]

encounter with GitHub’s A.I. which is “purely artificial and poorly intelligent”

Recently, I had an interesting encounter with GitHub’s A.I. which was purely artificial and poorly intelligent.
I have a repo at ‘‘; it’s an experimental web-server developed in ‘Java’ but it has been marked as ‘Javascript’.

Now I’m a bit hard at things which don’t work to their potential… but I don’t think their is anything wrong in it.

So yeah there is an ‘Artificially Poorly Inferenced Logic‘ implemented in so advanced GitHub
which could have been ‘Smartly Easily Granted Control‘ to not so artificially intelligent Users…

…click here to read full blog post

[] only few domains DNSSEC protected, WHAT ABOUT YOU

Posted in Blogroll, security with tags , , , , , , , , , , , , , , on December 20, 2010 by abhishekkr

@ [17/Dec/2010]

Are you protected with DNSSEC:
[] in mid-2010, DNSSEC got deployed over ‘root-DNS-server’ and ‘.org’ domain
[] on 10-Dec-2010, Verisign deployed DNSSEC in ‘.net’ zone too
{securing more than 13million registrations online}
[] preparations are up to sign the ‘.com’ zone in first quarter of 2011

Verisign has even launched a cloud based DNSSEC implementation service to ease its implementation in organisations…

…click here to read the full post

testBinary: TextMaker Viewer 2010 [multi-format document viewer]

Posted in Uncategorized with tags , , , , , , , , , , , , , , , , , , , on May 23, 2010 by abhishekkr

with all gr8 online office-suites ‘n less Hard-disk space… got no Office-suite installed but to open offline documents quickly/offline… just started using a Multi-Format Supporting TextMaker Viewer 2010