Hi
Silently... Voxeo has closed one more acquisition. Official Announcement may be next week.
Guess who it may be. ??? Is it company based out of India ? Is it company who is working on SCXML or Mrcp V2 or VoicePrint/VoiceVerification or VoiceXml 3.0 ?
Feel free to comment for any details :)
-Raxit Sheth
Thursday, May 21, 2009
Tuesday, May 12, 2009
Security & Discloser.
We have discovered the Bug on 14-Feb-2009, Till yesterday BharatMatrimony.com did not taken enough care to update their login page completely... But when we had disclosed How we have done this...and couple of blogger's had put the posts regarding this.... within less than 24hr, these folks has changed the login page.
The stuff, BM did not taken care to do in 3 months... is done by less than 24hr !
Normally Security Folks follow the ethical practice, not to disclose the loophole till they completly fix it, even in past During Myntra Hack we have waited for 2-3 days, till their tech team will fix it. However Incase of Myntra, their team is active, when we reported the issue within next 6hr they called us, However in this case, since last 3 month looks like they stay dumb, with hope We will not going to publish it ! None will know it ! and kind of Lazy !!!
As per my understanding, No system is secure, however when someone will report you Security Loophole, atlest for the sake of your users... you should try to understand it and if possible fix it, or put practical workaround ! the work you have done in last 24 hr, you might have done in last 3 months ! But who cares ??? :)
Just Chill
Raxit Sheh
The stuff, BM did not taken care to do in 3 months... is done by less than 24hr !
Normally Security Folks follow the ethical practice, not to disclose the loophole till they completly fix it, even in past During Myntra Hack we have waited for 2-3 days, till their tech team will fix it. However Incase of Myntra, their team is active, when we reported the issue within next 6hr they called us, However in this case, since last 3 month looks like they stay dumb, with hope We will not going to publish it ! None will know it ! and kind of Lazy !!!
As per my understanding, No system is secure, however when someone will report you Security Loophole, atlest for the sake of your users... you should try to understand it and if possible fix it, or put practical workaround ! the work you have done in last 24 hr, you might have done in last 3 months ! But who cares ??? :)
Just Chill
Raxit Sheh
Wednesday, May 06, 2009
AVIOS Contest open !!!
Hi Speech Enthus..
The AVIOS Contest is open now !! If you are creative,innovative Student, have some geeky idea about Speech Technology... do read this and give it a try... There are many platform available, and prizes also :). Seems like a golden chance for Student.
http://www.avios.org/contest/index.htm
-Raxit Sheth
The AVIOS Contest is open now !! If you are creative,innovative Student, have some geeky idea about Speech Technology... do read this and give it a try... There are many platform available, and prizes also :). Seems like a golden chance for Student.
http://www.avios.org/contest/index.htm
-Raxit Sheth
Wednesday, April 08, 2009
Guruji down ???
I am just searching Guruji Music. But seems to be down... :(
Guruji music recently launched Social App on Orkut and Facebook, they are also seems to be down. While writing this... Music Search functionality is down (which is one of the core part of Guruji Music).
The Bad point is there is no update/downtime status.
The good point is service is useful and someone is noticing it is down :)
Do share your view....
-Raxit Sheth
Guruji music recently launched Social App on Orkut and Facebook, they are also seems to be down. While writing this... Music Search functionality is down (which is one of the core part of Guruji Music).
The Bad point is there is no update/downtime status.
The good point is service is useful and someone is noticing it is down :)
Do share your view....
-Raxit Sheth
Tuesday, January 27, 2009
ClearText Password & Wordpress
Few days back i had post about cleartext password on Jeevansathi.com now its Wordpress ! :)
You can test it, if you are having any blog on wordpress.com like www.raxitsheth.wordpress.com or you are having blog on your site which is powered by wordpress.
Create a post, password protect it. Take any cookie viewer/proxy/cookie-editor, and view your password in cleartext in your cookie !!! Can't believe.... check this snap ....
So What ???
1. storing password (in cleartext)(or any piece of info which someone can misuse) at client side is just dumb idea !
2. Even this cookie is only readable by your wordpress.com domain/subdomain/blog-address, if any bug in wordpress like XSS can exploit this.
3. Forgot the 2, if you are in cybercafe/office/behind proxy... you admin can read the password of password protected blog. !!!
Note 1 : wordpress.org is already knowing the issue [since 2 year ???] and ticket is re-opened here
http://trac.wordpress.org/ticket/3316
Note 2: If you are in/ around Mumbai, you can catch me during OWASP Meet, venue/date will be declared soon.
Interesting ???? Share your comment here....
-Raxit Sheth
www.Mykavita.com 1st birthday !
You can test it, if you are having any blog on wordpress.com like www.raxitsheth.wordpress.com or you are having blog on your site which is powered by wordpress.
Create a post, password protect it. Take any cookie viewer/proxy/cookie-editor, and view your password in cleartext in your cookie !!! Can't believe.... check this snap ....
So What ???
1. storing password (in cleartext)(or any piece of info which someone can misuse) at client side is just dumb idea !
2. Even this cookie is only readable by your wordpress.com domain/subdomain/blog-address, if any bug in wordpress like XSS can exploit this.
3. Forgot the 2, if you are in cybercafe/office/behind proxy... you admin can read the password of password protected blog. !!!
Note 1 : wordpress.org is already knowing the issue [since 2 year ???] and ticket is re-opened here
http://trac.wordpress.org/ticket/3316
Note 2: If you are in/ around Mumbai, you can catch me during OWASP Meet, venue/date will be declared soon.
Interesting ???? Share your comment here....
-Raxit Sheth
www.Mykavita.com 1st birthday !
Friday, January 23, 2009
Aamirkhan blogging on Indiatimes ???
Hey
Will update this post ! busy chatting with few friends :)
-Raxit
Will update this post ! busy chatting with few friends :)
-Raxit
Sunday, January 18, 2009
Is BigAdda.com sleeping !! My Guest post on Dinesh Soni [Hatkebol] Blog
I just write a guest post for Dinesh Soni.
Its related to bigadda.com and bigadda.in !
You may want to read it here
-Raxit Sheth
Its related to bigadda.com and bigadda.in !
You may want to read it here
-Raxit Sheth
Saturday, January 17, 2009
Your Twitter password !!! Blogcamp Mumbai !
Hi
I just came back from BlogcampMumbai. It was really cool, Learn few stuffs, and attended few session. I may write here after few days about it !
Ok so now, i am just browsing blogs of few folks who were there at Blogcamp ! one was Hardik Shah ! I just open his blog http://hardiks.blogspot.com And Wow !!! I am being asked for my Twitter Password in popup !!!
What do you think, Should i enter my password ???
How can i trust the userid and password is being sent to twitter and not to hardik's site ?
Share your thoughts !!! Any Learning ?
-Raxit Sheth
www.m4mum.com
I just came back from BlogcampMumbai. It was really cool, Learn few stuffs, and attended few session. I may write here after few days about it !
Ok so now, i am just browsing blogs of few folks who were there at Blogcamp ! one was Hardik Shah ! I just open his blog http://hardiks.blogspot.com And Wow !!! I am being asked for my Twitter Password in popup !!!
What do you think, Should i enter my password ???
How can i trust the userid and password is being sent to twitter and not to hardik's site ?
Share your thoughts !!! Any Learning ?
-Raxit Sheth
www.m4mum.com
Friday, January 09, 2009
Satyam : What Next ? What Do you do ???
Satyam !!! What Next ???
There are more fiasco coming including
"Satyam head arrested and existing board scrapped".
"Infy not to poach Satyamites"
"No Salary for Next 2 month ! for Satyamites"
What do you do if you will new board member of Satyam ???
this is just very common thinking, put your thoughts below !!!
This is just common points, What you will do for execution of this ? or other relavant points ?
----
Update 1:
Some good sign for Satyamites !
hemantkumarjain [working for Satyam]: we have no communication from management that there will be no salary .. infact we have assurance that salary will come.
Disclosure of name with his permission. Hemant is friend and barcamper.
----
Repeating the question :
Assume you are appointed in Satyam's board, what all steps you will do for the best interest of all ???
-Raxit Sheth
There are more fiasco coming including
"Satyam head arrested and existing board scrapped".
"Infy not to poach Satyamites"
"No Salary for Next 2 month ! for Satyamites"
What do you do if you will new board member of Satyam ???
this is just very common thinking, put your thoughts below !!!
This is just common points, What you will do for execution of this ? or other relavant points ?
- Accessing company's financial situation and fianancial confidence...
- Steps to not lose existing clients/contracts
- Steps to not lose existing workforce/associates [or totally reverse, if copmany is in financially worst problem !]
- Winning confidence of associates,clients and investors !
- Steps to make regular work normal, Removing uncertainities and making picture more clear.
- Better and Managed PR.
- Fill Bankcruptcy ???
- Claim Tax Refund ??
- Raise more money from external source ?
----
Update 1:
Some good sign for Satyamites !
hemantkum
Disclosure of name with his permission. Hemant is friend and barcamper.
----
Repeating the question :
Assume you are appointed in Satyam's board, what all steps you will do for the best interest of all ???
-Raxit Sheth
Subscribe to:
Posts (Atom)