Hey
Just read announcement by Jim Larson on www-voice that first public draft of VoiceXml 3.0 is available now.
You must be knowing VoiceXml 3 is having major changes over VoiceXml 2.0 and VoiceXml 2.1 !
Have a look and give it a spin ! You may want to contribute to Voice Browser Working Group !
Cheers,
Raxit Sheth
Monday, December 22, 2008
Hacking --- Was it Myntra !!! ?? Yes !
Hi,
Some of you following me on Twitter already had some smell of the stuff and hack!
We wanted to have few T-shirts for MyKavita.com (which is India's leading Poetry website) and Mobile 4 Mumbai (which is first ever city bus search on mobile still in private beta).
Somehow we found that Myntra is leading provider of personalized stuffs like T-shirt, Keychain, Mug etc and we put the order for few T-shirts !
As always, i was in hacky mind and found that Myntra is open system ! Anyone (even non-authorized) user can get some of the very imp and personal information of Myntra's users like Mobile Number, E-mail, Postal Address, Order amount etc !
Additional to that it was fun (although accidently !) to place the order and get invoice without paying any money :)
Here is few sample screenshots which clearly shows your personal information [your name, id, cell no, phone number, E-mail, Postal Address, Order amount and details etc]
We have reported the issue to Myntra on 21st Dec, Sunday around 5:30 IST.
Myntra's team had called me, got explaination and confirmed the security/Privacy loophole within next 4 hr of reporting.
While publishing this post, Ashutosh from Myntra has taken active roll in managing the fix.
Overall impression:
Still its my first shopping experience, they are quick to revert and slow to act upon. After reporting the issues we do have around 3-4 phone calls etc.
Hope, they deliver the stuff on time [even i had not make payment till. :) ]
Disclaimar :
Offer of free T-shirt for not posting this post is rejected :)
Myntra is knowing that we had not make payment, we asked them we will pay full amount as soon as they provide the account details.
Do not worry for creditcard/netbanking information, it was not accessible !
Suggestion to Myntra to have strict auditing of their system
Update 1 :
-------
me: have look at,
--------
Update 2:
Ashutosh from Myntra has called me on 26 Dec around 12:00 am [Or 25 dec around 11:55 pm]. He explained me that normally it is not offered in bribing sense, but it is in customer friendly sense. Whatsoever it is he is feeling shame and sorry for the same stuff.
below is the part of E-mai reply,
"We at Myntra are committed for best user experience. We are very serious about for customer data security.We will have complete security audit of our website and fix if there is any loop hole."
--------
Do you know any other hack ? ping me privately to raxit@m4mum.com !
Happy Hacking :)
Raxit Sheth
www.mykavita.com
www.m4mum.com
Some of you following me on Twitter already had some smell of the stuff and hack!
We wanted to have few T-shirts for MyKavita.com (which is India's leading Poetry website) and Mobile 4 Mumbai (which is first ever city bus search on mobile still in private beta).
Somehow we found that Myntra is leading provider of personalized stuffs like T-shirt, Keychain, Mug etc and we put the order for few T-shirts !
As always, i was in hacky mind and found that Myntra is open system ! Anyone (even non-authorized) user can get some of the very imp and personal information of Myntra's users like Mobile Number, E-mail, Postal Address, Order amount etc !
Additional to that it was fun (although accidently !) to place the order and get invoice without paying any money :)
Here is few sample screenshots which clearly shows your personal information [your name, id, cell no, phone number, E-mail, Postal Address, Order amount and details etc]
We have reported the issue to Myntra on 21st Dec, Sunday around 5:30 IST.
Myntra's team had called me, got explaination and confirmed the security/Privacy loophole within next 4 hr of reporting.
While publishing this post, Ashutosh from Myntra has taken active roll in managing the fix.
Overall impression:
Still its my first shopping experience, they are quick to revert and slow to act upon. After reporting the issues we do have around 3-4 phone calls etc.
Hope, they deliver the stuff on time [even i had not make payment till. :) ]
Disclaimar :
Offer of free T-shirt for not posting this post is rejected :)
Myntra is knowing that we had not make payment, we asked them we will pay full amount as soon as they provide the account details.
Do not worry for creditcard/netbanking information, it was not accessible !
Suggestion to Myntra to have strict auditing of their system
Update 1 :
-------
me: have look at,
just published !
lawania: ok
me: just check if any issue, let me know. will try to correct it.
lawania: see if you can remove the payment thing..as I called you up and asked that you payment is not approved..
me: Hmm. but then how would i get invoice ?
lawania: seems to be unusual cas .. sofar not got such issue..
but we did not get any confirmation mail for payment..
lawania: Since I was there in office on Sunday and I noticed the issue and immdiately called you
me: hmm. i am puting this chat as update ? is it fine ?
it will clearify to reader.
Update 2:
Ashutosh from Myntra has called me on 26 Dec around 12:00 am [Or 25 dec around 11:55 pm]. He explained me that normally it is not offered in bribing sense, but it is in customer friendly sense. Whatsoever it is he is feeling shame and sorry for the same stuff.
below is the part of E-mai reply,
"We at Myntra are committed for best user experience. We are very serious about for customer data security.We will have complete security audit of our website and fix if there is any loop hole."
--------
Do you know any other hack ? ping me privately to raxit@m4mum.com !
Happy Hacking :)
Raxit Sheth
www.mykavita.com
www.m4mum.com
Poetry Meet
Hey
I was attending Poetry Meet, Dec 20th 2008 @ Oxford Book Store ! Overall it was a small but nice and interesting meet !
It was nice to meet poet, especially folks like Renu Rakheja, Preeti Datar.
The one interesting part is one folks shown up, who was @ Taj. He is journalist, namely Bhisham Mansukhani. He had a very interesting thought. The real experience and feeling is very much different,when he had seen terror ! Felt "near death" experience. Very much Agree Sir !
You may would like to read log of his SMS during the "Terror @ Taj Night !" here
Additional to that, there was reading of few intersting poem by Parikshit, Rajshree and other member [sorry could not remember all d name :( ]
There was two queries i am being asked, hey it was not who is kavita ? ;)
1. What languages are supported by MyKavita.com ?
Mykavita we are supporting all the languages, typing support for almost all indic languages are there including Hindi,English,Telugu,Malyalam,Panjabi, Gujarathi, Urdu !. Indeed MyKavita team was few of the early folks which hs involved closely with Wordpress Core team for the plugin development for Indian languages support !. More than that You can have blogs like www.YourName.MyKavita.com
2. Is this my First poetry Meet ?
Yes. Many of you must be knowing i do have some other schedule on Second Saturday ! This was 3rd and fortunately i had just shown up !
I would say it is really interesting to meet Face to Face, it was enriching and good experience. Keep it up your p4poetry i.e. Passion 4 Poetry !
Stay tuned to here more,
-Raxit Sheth
Co-Founder www.Mykavita.com
I was attending Poetry Meet, Dec 20th 2008 @ Oxford Book Store ! Overall it was a small but nice and interesting meet !
It was nice to meet poet, especially folks like Renu Rakheja, Preeti Datar.
The one interesting part is one folks shown up, who was @ Taj. He is journalist, namely Bhisham Mansukhani. He had a very interesting thought. The real experience and feeling is very much different,when he had seen terror ! Felt "near death" experience. Very much Agree Sir !
You may would like to read log of his SMS during the "Terror @ Taj Night !" here
Additional to that, there was reading of few intersting poem by Parikshit, Rajshree and other member [sorry could not remember all d name :( ]
There was two queries i am being asked, hey it was not who is kavita ? ;)
1. What languages are supported by MyKavita.com ?
Mykavita we are supporting all the languages, typing support for almost all indic languages are there including Hindi,English,Telugu,Malyalam,Panjabi, Gujarathi, Urdu !. Indeed MyKavita team was few of the early folks which hs involved closely with Wordpress Core team for the plugin development for Indian languages support !. More than that You can have blogs like www.YourName.MyKavita.com
2. Is this my First poetry Meet ?
Yes. Many of you must be knowing i do have some other schedule on Second Saturday ! This was 3rd and fortunately i had just shown up !
I would say it is really interesting to meet Face to Face, it was enriching and good experience. Keep it up your p4poetry i.e. Passion 4 Poetry !
Stay tuned to here more,
-Raxit Sheth
Co-Founder www.Mykavita.com
Subscribe to:
Posts (Atom)