// TODO: no error checking - we’re bold…

This has to be the best code comment ever. Not very intelligent, but humorous at least. Probably explains why the application got hacked 45 minutes after launching on the web. The victim was John McCrea, Plaxo’s VP of Marketing, using the first web application based on Google’s new OpenSocial APIs.

If you’re curious, OpenSocial is Google’s new interface for creating widgets/gadgets/apps for social networking platforms. It’s partners currently include Engage.com, Friendster, hi5, Hyves, imeem, LinkedIn, MySpace, Ning, Oracle, orkut, Plaxo, Salesforce.com, Six Apart, Tianji, Viadeo, and XING. No information yet whether Facebook, Microsoft, or Yahoo will be joining the initiative. If it makes its way to Facebook at some point, you’ll want to be aware for the simple reason that a poorly coded application can be vulnerable to attack. Some existing Facebook applications have vulnerabilities, but for the most part are limited.

Source:
Techcrunch - First OpenSocial Application Hacked Within 45 Minutes

Categories: Tech
Tags: code, Google, Plaxo

Slashdot

Originally uploaded by anwamehtar

Party! Update: I went to the Slashdot 10th Anniversary Party tonight held in Seattle. They’re holding ‘em all over the country and I was fortunate enough to make it to this one. There were piles of pizza from Costco, flats full of soda, and even a cake.

Best of all, however, was the ample conversation to be had with people easy to relate to. Why? Because all of us read Slashdot and are all therefore somewhat bent towards topics related to technology, computers, the internet, gaming, blogging, etc.

I had a great time, got a few email addresses, and hope to actually see some of these folks again.

Categories: Life, Tech
Tags: party, Slashdot

NEW ADDRESS: http://anwanore.com/projects/mytwitter — The plugin has a new address at a project page I created exclusively for the MyTwitter for Wordpress plugin

Plugin: MyTwitter
Current Version: 1.5 (Updated February 10, 2008)
Download (Zip) (from official Wordpress Plugins site)
Download (Zip) (from my server)
Note: Only download from sites you trust. I’ve seen a few illegitimate spam sites popping up with ripped-off copies of the text and files with no attribution.

About: MyTwitter allows users to display their Twitter status updates (tweets) on their Wordpress blog and update their status through the Options page. Includes customization options including number of recent twitters to display, formatting options, and stylesheets. It can be called as a function or used as a widget.

MyTwitter @ Twitter: http://twitter.com/MyTwitt3r

Please see the new project page for MyTwitter for installation assistance and to leave any comments about the plugin.

Categories: Tech
Tags: code, plugin, Twitter, Wordpress

If you purchase digital music at all (oh, I know some of you are pirates, don’t try to hide it from me), let me point out the newly born Amazon MP3 (beta). All of the songs are straight MP3s (no DRM) so they’ll work just fine on iPods or any MP3 player or can be burned to CD without any difficulty. The site doesn’t have as much selection as iTunes (at least not yet), but they’ve snagged content from major labels Universal and EMI. So you can enjoy artists such as Kanye West, Coldplay, and David Bowie.

You don’t listen to Bowie? Ok, that’s fair, neither do I.

Another advantage over iTunes: price. The top 100 songs are $.89/each and the top $100 albums are $8.99. In general though, song costs start at $.89 and depend on length.

via Daring Fireball:

Amazon’s single pricing is based on track length. Songs that are more than seven minutes long cost $1.94, songs more than 14 minutes cost even more. This isn’t necessarily a bad deal compared to iTunes — Apple makes many of these tracks album-only.

Oh, and for a sweet taste of irony… have you seen the new Apple nano advertisement? You know, this one:

iPod nano featuring Feist - 1234

The irony is that this song is the #1 (album version) and #4 (single) most purchased song on Amazon MP3, it costs 10 cents less than on iTunes, and there’s no copy restrictions.

Categories: Music, Tech, The Sphere
Tags: Amazon, iTunes, mp3

The Pirate Bay (one of the internet’s largest torrent indexers for movies, music, TV, etc.) is suing a number of large media companies including Fox, Universal, Paramount, and more. Why? “The charges are infrastructural sabotage, denial of service attacks, hacking and spamming, all of these on a commercial level.” More details at TPB blog.

How’d all of this come about? A company named MediaDefender (if you check Wikipedia, hope you’re getting it on a day that the company isn’t trying to sanitize its profile). The scandal seems to have started a few months ago, but more details are continuing to be revealed as 700MB of the company’s email was recently acquired, bundled up and offered for download from a torrent site. Essentially, it has come to light via these emails that MediaDefender has been working with a large number of the media companies to hack users of peer-to-peer (P2P) filesharing services and attack various websites such as TPB.

One large aspect of MediaDefender’s work is digging up information about P2P users. They set up a video sharing website (Miivi.com — not there anymore) in order to gather personal information about users who posted video content.

The most frightening aspect of all of this is the methods the company is using. The attacks on P2P sites, the fake video-sharing site, etc. And it’s not only the big media companies who use their services. A recorded phone call has surfaced containing a conference call between MediaDefender and members of the New York Attorney Generals Office. The NY AG office appears to have partnered with MediaDefender to track down info about child-porn sharers. Now, shutting down child-porn sharers is 100% an excellent goal, but I’m not much thrilled when any government agency is buddying up with a company who itself circumvents legal methods of action and resorts to phishing, hacking, DOSing, spamming, and sabotage.

In a fantastic twist of irony, hackers everywhere now seem to be using MediaDefender for target practice. The leaked emails were culled from one of their employee’s private Gmail accounts. I don’t know exactly how the phone call was captured, but the NY AG’s office was using a VOIP (voice-over-IP) connection and this could have been hacked/recorded somehow. Now that P2P users are aware of the threat from this company, they’re able to use information about the company in order to circumvent MediaDefenders ability to track them using applications such as PeerGuardian (site | wiki).

The outcome of the MediaDefender scandal will be interesting to watch. The company has certainly had their reputation trashed, at least among the IT crowd (no, not that The IT Crowd). The lawsuit will be watched closely as it could signal the tides of change in the ongoing privacy vs piracy war in Sweden and in general.

Note: I’m not defending intellectual property pirates. I just don’t want to relive 1984 or any other sort of dystopian nightmare.

Sources:
- The Pirate Bay Files Suit Against Big Media
- Leaked Media Defender e-mails reveal secret government project
- Peer-to-peer poisoners: A tour of MediaDefender
- MediaDefender Phonecall
- MediaDefender Emails
- Hackers Smack Anti-Piracy Firm Again and Again
- Media Defender emails

Categories: News, Tech
Tags: MediaDefender, pirates, torrents, Wikipedia