Saturday, Mar 13, 2010

Frank Kern "List Machine" Potential PHP4 Exploit Disaster 

Frank Kern is about to release his latest product, "List Control". Part of the pre-launch promotion has seen him offering a free script, "List Machine", to help people build their email list. BUT, and it's a big BUT (ha ha), the script his programmers have used is PHP4, which is vulnerable to exploitation - attack by phishers and scammers. Apparently they used PHP4 because Frank wanted to use it on BlueHost, which he feels is newbie-friendly. Here - read the Wiki on PHP Exploits - here's an extract on what can happen -
* On November 1, 2005, a high school student used a SQL injection to break into the site of a Taiwanese information security magazine from the Tech Target group and steal customers' information.
* On January 13, 2006, Russian computer criminals broke into a Rhode Island government web site and allegedly stole credit card data from individuals who have done business online with state agencies.
* On March 29, 2006, Susam Pal discovered a SQL injection flaw in an official Indian government tourism site.
* On March 2, 2007, Sebastian Bauer discovered a SQL injection flaw in the knorr.de login page.
* On June 29, 2007, a computer criminal defaced the Microsoft U.K. website using SQL injection. U.K. website The Register quoted a Microsoft spokesperson acknowledging the problem.
* In January 2008, tens of thousands of PCs were infected by an automated SQL injection attack that exploited a vulnerability in application code that uses Microsoft SQL Server as the database store.
* On April 13, 2008, the Sexual and Violent Offender Registry of Oklahoma shut down its website for 'routine maintenance' after being informed that 10,597 Social Security numbers from sex offenders had been downloaded via a SQL injection attack.
* In May 2008, a server farm inside China used automated queries to Google's search engine to identify SQL server websites which were vulnerable to the attack of an automated SQL injection tool.
* In July 2008, Kaspersky's Malaysian site was broken into by a Turkish computer criminal going by the handle of "m0sted", who claimed to have used SQL injection.
* In 2008, at least April through August, a sweep of attacks began exploiting the SQL injection vulnerabilities of Microsoft's IIS web server and SQL Server database server. The attack doesn't require guessing the name of a table or column, and corrupts all text columns in all tables in a single request. A HTML string that references a malware JavaScript file is appended to each value. When that database value is later displayed to a website visitor, the script attempts several approaches at gaining control over a visitor's system. The number of exploited web pages is estimated at 500,000.
* On August 17, 2009, the United States Justice Department charged an American citizen Albert Gonzalez and two unnamed Russians with the theft of 130 million credit card numbers using an SQL injection attack. In reportedly "the biggest case of identity theft in American history", the man stole cards from a number of corporate victims after researching their payment processing systems. Among the companies hit were credit card processor Heartland Payment Systems, convenience store chain 7-Eleven, and supermarket chain Hannaford Brothers.
* In December 2009, an attacker breached a RockYou! plaintext database containing the unencrypted usernames and passwords of about 32 million users by using a SQL injection attack.
I'm happy to report that I've helped Frank avoid his very own Toyota sticking accelerator disaster. Just imagine what could have happened. This could have blown up in his face BIG TIME. Read more about it here on The Warrior Forum where I post under my moniker "Metronicity".
Wednesday, Dec 02, 2009

Fat Bastard on AA Plane

For the love of Christ have a look at this Jumbo squeezed on to a single seat on an American Airlines flight. Apparently the shot is real and was taken by an AA flight attendant. It's from this blog. Someone has left a comment there saying:
This was taken by a friend of mine.

1) Yes, it's real.

2) The "big" passenger was allowed to stay.

3) The guy in the middle seat was pulled from the flight and given $$$ voucher for future travel + f/c on the next available flight.

4) AA is one of the wimpiest companies I've ever worked for - they are ***terrified*** of lawsuits!

AA Flight Attendant
Friday, Nov 27, 2009

Wordpress Mage $500 Rebate Today Only

Wordpress Mage

Thinking of buying the automated money-making blog system? For today only I'm offering a $500 Rebate. You get an instant $300 off the $1297 price PLUS another $200 from me. Cool? But it's only for today. The Mage goes off sale after today.

Want to know more? Have a look at This Thread or if you're ready to buy Click Here and then enter the Coupon Code - Single payment: LetMeIn Payment Plan: MakeItEasy

Best Wordpress Mage Rebate

Tuesday, Oct 27, 2009

MRI Scan of Couple Having Sex

Magnetic Resonance Imaging (MRI) - you know what that is? Kind of state-of-the-art scanning of the body. MRI provides much greater contrast between the different soft tissues of the body than a CT (computed tomography) scan. It's especially useful for brain, muscle, heart and cancer imaging.

A group of Dutch research scientists, led by an Associate Professor of Gynaecology, has found it's particularly useful for another kind of scan too - scanning couples having sex.

Professor Willibrord Weijmar Schultz and colleagues from University Hospital Groningen in the Netherlands recruited eight couples and three single women over the past ten years and scanned them making love in thirteen different episodes. The experiment was written up in The British Medical Journal and apparently has been the most-read article ever published in that prestigious magazine. Why do this? From the abstract -

To find out whether taking images of the male and female genitals during coitus is feasible and to find out whether former and current ideas about the anatomy during sexual intercourse and during female sexual arousal are based on assumptions or on facts.

The research team found that the imaging showed that during female sexual arousal the uterus raises and the front of the vaginal wall lengthens. There was no evidence of an increase in the volume of the uterus during sexual arousal, or a change in the position of the uterus, as had been reported by Masters and Johnson in the 1960s.

They also found that during intercourse in the "missionary position" the penis is neither straight nor "S" shaped as had been previously thought, but is, in fact, the shape of a boomerang.

Holy Moly Batman! Who would have thought it? A boomerang.

Professor Schultz also comments on a famous drawing by Da Vinci - showing a cross-section of a couple having sex - saying that it's anatomically wrong - the penis is too straight for one thing.

The Renaissance sketch shows a transparent view of the anatomy of sexual intercourse as envisaged by the anatomists of his time. The semen was supposed to come down from the brain through a channel which can be seen in the spine of the man. In the woman the right lactiferous duct is depicted as originating in the right female breast and ending in the genital area. Even a genius like Leonardo da Vinci distorted men's and women's bodies---as seen now---to fit the ideology of his time and to the notions of his colleagues, who he paid tribute to.

He also notes that the drawing is owned by the Queen of England and is housed in the Royal Collection at Windsor Castle. Click on the thumbnail to the right.

I'm guessing we won't see a repeat of this experiment with homosexual couples. But I do wonder if anyone has done an MRI of someone defecating or urinating. That would be quite interesting - don't you think? Or does this disgust you? Discuss.

Update: Incredible! I just found a video of an MRI scan of a guy defecating.

Saturday, Oct 17, 2009

Ho White & The Seven Dwarves - How to Get Your Ass Sued by Disney

Ho White & The Seven Dwarves. Unbelievably stupid advertising campaign from Australian ad agency The Foundry. Stupid because they've done a parody of Disney's artwork for Snow White & The Seven Dwarves to flog a raspberry-flavored beer. Did these idiots think that Disney was going to stand by while they besmirched their Snow White brand? You can imagine the size of the lawsuit that's heading Foundry's way. Maybe "idiots" is the wrong word. "Morons" is more like it. The website page has been pulled but I was able to get these images from the Google cache.

Here's the explanation that was on the site -
Anything But Sweet - The Foundry "Our partnership with Jamieson Brewery started with the redesign of their logo and the launch of Raspberry Ale. While getting our hands dirty with Raspberry Ale, we soon recognised that this beer was in fact ‘Anything but Sweet’. So we challenged the consumer’s notion of what this beer was, and created a striking campaign around this line. The strong packaging design and cheeky nature of the advertising work, hand in hand to create a truly unique brand identity, and so another brand transformation has begun."

That should probably read "And so another Disney lawsuit has begun."

Here's a link to the cache of AnythingButSweet.com and Ho White & The Seven Dwarves
