Wordpress security update - password change and discount coupon

2011-08-19 22:35:54 +0000

Just got this mail from wordpress asking me to change my password. They also offered a 15% discount on their services as a Sorry coupon.. :!

I just wonder how many accounts were affected and what was the exact issue. Hope it wasn't saved in cleartext!

And yes, its a legit email. Just be careful that the link you get finally ends up in https://wordpress.com.

Also, it doesn't ask you to enter your old password but just new password.

Well, I ve changed my password here, but where else is it? Thankfully its one of my lesser used password..

WordPress.com ✆ passwordcoupon@wordpress.com to me

show details 4:43 AM (1 hour ago)

Hello h4ck@lyst,

We recently found and fixed a mistake that we’d like to tell you about. Passwords on WordPress.com are saved in a way that makes them extremely secure, such that even our own employees are unable to see your actual password – the one you enter to login to your WordPress.com account. However, between July 2007 and April 2008, and September 2010 and July 2011, a mistake in one of our systems used to find and correct bugs on WordPress.com accidentally logged some users’ passwords in a less secure format during registration.

We’ve updated our systems to prevent passwords from being logged this way in the future, so this will not happen again. We don’t have any evidence that this data has been accessed maliciously or misused, but to be on the safe side we are resetting your password since your account is among those affected.

Please change your password using this link or copy and paste the URL below into your web browser:


If the password you used when you registered on WordPress.com was one you use elsewhere, you should change it there, too. In the future, remember that it’s good practice to always use unique passwords for different services.

We are terribly sorry about this mistake. No one likes having to create new passwords and we’d like to include a 15% off coupon to say we’re sorry. The coupon can be used for a custom domain, a design upgrade, VideoPress, or a storage space increase. Just use the code below on any of the upgrades on the WordPress.com Store:


If you have any questions, please reply to this email and one of our Happiness Engineers will get back to you as soon as possible.

Thank you,
The WordPress.com Team


WordPress.com | Thanks for flying with WordPress!

Read More

Vodafone 3g call woes - Solved!

2011-08-19 07:18:02 +0000

This blog post is about my recent switch to Vodafone 3G and related experience. Or just related woes. Experience hasn't been much yet.

Vodafone finally launched 3G in bangalore (I think using Airtel infrastructure).

I had tested BSNL 3G earlier (pretty good) but wasn't ready to make a permanent switch to BSNL (number woes despite MNP). Also am quiet satisfied with Vodafone phone services.

Anyways, after I moved to 3G, I suffered a drastic setback. My calls wont be connected! Not dropped connections, but calls simply wont be connected. After I dial a number, it would just hang up in a matter of minutes. Everytime I would ve to reselect the Operator from the network menu. And somehow, the menu would always show two vodafone (and NO Airtel at all!).

I ve an android phone. And there was no simple way to select manual selection of operator explicitly ( I do miss the good old days of not so smartphones at times!).

I did tweet about my woes and VodafoneIN replied with a complaint number.

And on the sidelines, I found the solution, by mistake..

I selected "Use only 2G Network" and voila! All my calls were being connected at ease like before!

Guess this demonstrates the fact that Vodafone uses 3G using airtel network and since airtel becomes the preferred network, the outgoing calls have some issues.

Will debug more on this later in the week.

Read More

Blogging from mobile

2011-08-14 12:46:00 +0000

I am kinda late to the mobile blogging scene, owing to slow gprs speed, missing 3g connection and a mobile device with wifi connection (well I had the ipad for about 6 months now but guess I was lazy). So now that I ve 3g on my nexus s (not to forget wifi on it as well) , I ve now installed WordPress for android on it. I can immediately see the pros n cons of it. Pros - blogging on the move.  Cons - the linking to other pages etc would be more cumbersome as you can't just open a tab, copy a link and paste. A big major pros is the auto suggest and auto correct that you get on all mobile phones. Well... I guess am gonna be happy about it...

UPDATE: I opened the post in my laptop browser to add the android marketplaces link. Guess, mobile blogging will take sometime before its my first choice. I ll try it from my ipad as well. Somehow it appears as if thats gonna be more intuitive.

Read More

How to stop auto selection of preferred network operator in android or set manual operator selection.

2011-08-13 11:53:05 +0000

I was hunting for this question for the past few days, ever since I enabled 3G on my nexus S vodafone connection. The phone would use auto PRL (preferred Roaming List) to switch over the network with better connection. In my case I was getting two vodafone networks. While I could always receive calls and messages, I could never send a message or make a call unless I reselected the other network.

To avoid this, and cases like these , you need to switch off automatically select prefereed network.

The way to do this is

dial *#*#4636#*#*

click Phone Info -> Set preferred network type -> GSM only (or CDMA if you are using CDMA).

The important thing here is not to use any auto or PRL settings.

And voila, now your android phone will only use manual network operator, just like the golden times...

Read More

Samsung Galaxy Tab Blogger Meet #galaxytab

2011-08-08 01:14:56 +0000

comingSoon Live stream would be shown below, alternatively also at the site linked above: http://www.livestreampro.com/samsung/ on August 10th, 2011, @12 pm till 2pm.

Read More

And I ve moved, again..

2011-08-08 00:58:24 +0000

And its time again for the next @indiblogger meetup.

And this meetup prompted me to get my blog up and running again :P I ve moved from slicehost to the parent company rackspace owing to

Even though slicehost itself is about to integrate into the rackspace infrastructure, meaning slicehost will be moving to rackspace cloud and will be charging similar prices, I, as always, being impatient couldn't wait and moved :P


I guess the downside of that being that I had to manually move and setup everything myself. Vs maybe slicehost and rackspace would ve provided moving support had I waited for them :P


but anyways, its the next @indiblogger meetup about the samsung galaxy tab that has got me interested in blogging again. I ve my exams in the next week and I woke up this morning with intent to read, but I took the wrong step of opening up twitter. One thing lead to another and here I am blogging. But considering that the entire thing happened in less than two hours, I think it was a pretty efficient usage of time. Time to get ready for office, and then back and then try to study and blog and tweet and all as usual :)

Good thing be that grandmom aka amma is here now. So I dont ve to worry about dining plans :)

PS: There is a new domain as well, hackalyst.info. Right now anshprat.info and hackalyst.info both point to the same site. Maybe I ll merge, maybe I ll let it be.

And the new site is called muddle-muggle. Muddle - coz of the ever presence confusion. Muggle - coz I wish I was a wizard, or atleast had some super powers :P

Read More

New malware attack hits facebook through chat!

2011-03-19 14:14:54 +0000

I just got pings from three of my friends over facebook chat, all of them containing the same message

Hey, check out this girl, lol, she must be out of her mind for making that video!: bit.ly/eNYMXb

Well, so lets see where does the link take us..

anshup@listsettle-lm: ~$ curl -I bit.ly/eNYMXb
HTTP/1.1 301 Moved
Server: nginx
Date: Sat, 19 Mar 2011 09:35:54 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Set-Cookie: _bit=4d8478fa-003c1-04438-d8ac8fa8;domain=.bit.ly;expires=Thu Sep 15 05:35:54 2011;path=/; HttpOnly
Cache-control: private; max-age=90
Location: http://www.torsing.info/
MIME-Version: 1.0
Content-Length: 116

As expected, the first bitly link is a proper redirect to some site. Now lets see what the second link has.

anshup@listsettle-lm: ~$ curl -I http://www.torsing.info/
HTTP/1.1 302 Found
Date: Sat, 19 Mar 2011 09:36:04 GMT
Server: Apache
Location: http://www.torsing.info//dashboard.php
Connection: close
Content-Type: text/html

Hmm, another redirect to same site, not bad.

anshup@listsettle-lm: ~$ curl -I http://www.torsing.info//dashboard.php
HTTP/1.1 200 OK
Date: Sat, 19 Mar 2011 09:36:11 GMT
Server: Apache
Connection: close
Content-Type: text/html

anshup@listsettle-lm: ~$ curl http://www.torsing.info//dashboard.php
<script type='text/javascript'>top.location.href = 'https://www.facebook.com/login.php?api_key=134003950005663&cancel_url=http%3A%2F%2Fwww.torsing.info%2Fmain.php&display=page&fbconnect=1&next=http%3A%2F%2Fwww.torsing.info%2Fdashboard.php&return_session=1&session_version=3&v=1.0&req_perms=xmpp_login';</script>

Now here is the bad part!
As you see in the last output, its merely a trick to directly access your facebook credentials as if you approved it (thats my assumption, am not sure what it does and am not going to find that out right now.

What I am surprised at is that facebook uses a non salted/non nounced url for such requests.. :!
Definitely you know better facebook :)

lets see how fast it spreads and what all comes out of it!

Lets see a lil about the domain.

anshup@listsettle-lm: ~$ whois torsing.info
Domain ID:D36666838-LRMS
Created On:05-Feb-2011 19:58:43 UTC
Last Updated On:06-Feb-2011 10:32:05 UTC
Expiration Date:05-Feb-2012 19:58:43 UTC
Sponsoring Registrar:GoDaddy.com Inc. (R171-LRMS)
Registrant ID:CR74380736
Registrant Name:Matej Kalanj
Registrant Organization:
Registrant Street1:Marohniceva 18
Registrant Street2:
Registrant Street3:
Registrant City:Rijeka
Registrant State/Province:Primorsko goranska
Registrant Postal Code:51000
Registrant Country:HR
Registrant Phone:+385.955533376
Registrant Phone Ext.:
Registrant FAX:
Registrant FAX Ext.:
Registrant Email:webmaster@sex-galerije.com
Admin ID:CR74380738
Admin Name:Matej Kalanj
Admin Organization:
Admin Street1:Marohniceva 18
Admin Street2:
Admin Street3:
Admin City:Rijeka
Admin State/Province:Primorsko goranska
Admin Postal Code:51000
Admin Country:HR
Admin Phone:+385.955533376
Admin Phone Ext.:
Admin FAX:
Admin FAX Ext.:
Admin Email:webmaster@sex-galerije.com
Billing ID:CR74380739
Billing Name:Matej Kalanj
Billing Organization:
Billing Street1:Marohniceva 18
Billing Street2:
Billing Street3:
Billing City:Rijeka
Billing State/Province:Primorsko goranska
Billing Postal Code:51000
Billing Country:HR
Billing Phone:+385.955533376
Billing Phone Ext.:
Billing FAX:
Billing FAX Ext.:
Billing Email:webmaster@sex-galerije.com
Tech ID:CR74380737
Tech Name:Matej Kalanj
Tech Organization:
Tech Street1:Marohniceva 18
Tech Street2:
Tech Street3:
Tech City:Rijeka
Tech State/Province:Primorsko goranska
Tech Postal Code:51000
Tech Country:HR
Tech Phone:+385.955533376
Tech Phone Ext.:
Tech FAX:
Tech FAX Ext.:
Tech Email:webmaster@sex-galerije.com

Hmmm, so a site registered in croatia. Interesting.

Read More

The NewYork Times launches digital subscription, beginning with canada.

2011-03-19 06:07:27 +0000

Copy of an email sent out by The NewYork Times:
An important announcement from
the publisher of The New York Times

Fine Print
Dear New York Times Reader,

Today marks a significant transition for The New York Times as we introduce digital subscriptions. It’s an important step that we hope you will see as an investment in The Times, one that will strengthen our ability to provide high-quality journalism to readers around the world and on any platform. The change will primarily affect those who are heavy consumers of the content on our Web site and on mobile applications.

This change comes in two stages. Today, we are rolling out digital subscriptions to our readers in Canada, which will enable us to fine-tune the customer experience before our global launch. On March 28, we will begin offering digital subscriptions in the U.S. and the rest of the world.

If you are a home delivery subscriber of The New York Times, you will continue to have full and free access to our news, information, opinion and the rest of our rich offerings on your computer, smartphone and tablet. International Herald Tribune subscribers will also receive free access to NYTimes.com.

If you are not a home delivery subscriber, you will have free access up to a defined reading limit. If you exceed that limit, you will be asked to become a digital subscriber.

This is how it will work, and what it means for you:

For more information, go to nytimes.com/digitalfaq.

Thank you for reading The New York Times, in all its forms.

Arthur Sulzberger Jr.
Arthur Sulzberger Jr.
Publisher, The New York Times
Chairman, The New York Times Company


Fine Print

As a loyal reader of NYTimes.com, you will receive a special offer to save on our new digital subscriptions. We will e-mail this special offer starting on March 28, the day we begin charging for unlimited access to our Web site and mobile apps*. We truly value your readership and look forward to bringing you the world’s finest journalism every day.

Fine Print *Mobile apps are not supported on all devices. Does not include e-reader editions, Premium Crosswords or The New York Times Crosswords apps. Other restrictions apply.

This message was sent to inform you about an important change to our Web site and NYTimes applications. Please note, if you have chosen not to receive marketing messages from The New York Times, that choice applies only to promotional messages. You will continue to receive important notifications that are legally required or could affect your service.

To review our Privacy Policy, please go to:

© 2011 The New York Times Company / 620 Eighth Avenue, New York, NY 10018


Read More

My hunt for the perfect browser for work :!

2011-03-10 16:59:35 +0000

UPDATE: And now I have moved (back) to firefox 4! Firefox 4 is fast, so far no crashes and is looking good. more on this later as I spend more time on it!


First and foremost a little into what this post will give you. In this post, first I talk a little about why I need this post. Then a little of my browsing habbits history. Then some of my problems. And then my problems.

This post started when I realised I ve been switching between browsers one after another whenever I face some issue with one. Now few months down the lane, I don't remember what the problem was and why I switched away from a particular browser and to what and why. So this post is more like a little documentation effort.

Now a little into my browser usage history. As a kid I remember using IE, Firefox and a little of Opera. In college, I was primarily a firefox user (with a little bit of elinks thrown in whenever the network would be clogged down). After I started work, one of the worst versions of firefox was released. FF 3.0. It would crash like a drunken dog gone nuts on the roads. I switched over to Opera at this instance after suffering for weeks (on fedora). Then I switched to Mac. My love for Opera continued. Ofcourse I have firefox with firebug and webdeveloper and various profiles. And then, I guess it started crashing for some reasons. I tried safari but wasn't really impressed. At this time I primarily switched to Chrome. I had tried chromium on fedora earlier and Chrome had evolved a lot from its chromium days.

At the moment, am back to Opera. This post is being published in Opera. And the reason. Well, the latest version of Chrome is buggy or maybe its the speeddial extension. Now when I click on any speeddial, the speeddial opens up, but the address bar is empty :!

And its hightime I try Opera 11 :)
In the meanwhile, I ll be downloading latest firefox nightly release aka minefield :)

And will keep this post (or further posts) as a part of documenting my waddle through the various browsers. (IE wont be part much of it, though I do use it once in a while owing to some stupid IE rich web applications.).

More on it later. Cheers
Anshu Prateek

Read More

Starting programs on a remote linux desktop

2011-02-09 21:25:44 +0000

This was something that I was looking for a long time and finally found while looking for a completely different thing altogether!
Agreed I always wanted this only for mischief :P Basically what I wanted was to fire up any GUI so that it would show on a remote desktop and not on my local display. clearly I didn't want vnc or ssh -XCYP.

What I needed was this:

ssh -X host
export DISPLAY=:0

and then I can run any gui and it will open on the remote desktop.
would make things look like some hacky mischief ;)

okay, another thing I learnt was how to start and stop gnome screensaver remotely.

so instead of doing a killall -9 screensaver, you can do
gnome-screensaver-command -d

So there are things that are still fun!
Gosh, do I miss college!

Read More