VT’s Tech Blog

I was first introduced to this service from the folks over at Mobikwik when they sent me a email about their service. I actually used this when I needed to do a quick recharge of my BSNL and Tata Docomo connections while I was travelling.

The service is pretty easy to use. All you need to do is to sign up for an account. You’ll need to fund your account in-order to recharge your phone. You can fund the account using your credit/debit card or netbanking. I was able to recharge both my phone in under 5 minutes.  I am also very impressed with their support. I got an answer to a query I posted on their site within a few minutes.

Another interesting service prepaid users should find interesting is the ability to schedule a recharge, so you can set a future recharge date, and your prepaid balance recharged on the date you set. Useful to schedule the next month’s charge in advance.

When you’re on the move and you’re almost out of balance, you can also send the service a quick SMS and get your account recharged in a jiffy. All you need to do is to register your mobile number and send a message with the amount you want to recharge to their service : RC 50 9810125432 where 50 is the amount to recharge on your number.

I had asked Mr. Bipin Preet Singh the CEO of Mobikwik a few questions about their service:

Q: What happens when a recharge doesn’t go though properly? how long does it take to locate the problem/refund the charge?
A: Mobikwik realizes that operator server’s are not 100% efficient and recharge can sometimes fail due to operator server being down, or invalid amount being entered etc. Therefore, mobikwik has concept of mobikwik balance. So, if you pay Rs 100 to recharge, but recharge did not happen, your balance does not get deducted. So you can try again later. Else, you can send a customer support email which is there on our home page. We respond in 24 hours.

Q: Recurring Recharge – I see you have a scheduled recharge which allows a user to plan one charge in advance. Are you planning something where the user can set a recurring recharge, let’s say once a week/month/…
A: Actually, with current schedule recharge, you can set it up as many times as you want, once a week, once a month, once a year. There is no restriction.

Q: Do you support data plan recharges? If yes, which operators do you support currently and which ones are planned in the future?
A: Yes, we do support data plan recharges for all leading operators.

I did find the data recharge option missing for my operators unfortunately, Tata Docomo and BSNL didn’t have the 3G data recharge options on Mobikwik yet. Hope that too comes up in the near future. I hate having to run to the nearest dealer to get that done.

Check out their service at: www.mobikwik.com and follow them on twitter @mobikwik . If you’ve tried out Mobikwik let us know your experiences by commenting on this post.

Google has released a Web Application Security Scanner over at Google Code. This can be used to scan you site for possible security issues which might be lurking around. Skipfish prepares an interactive site-map for the targeted site by carrying out a recursive crawl and dictionary-based probes.

This scanner is easy to setup on an Ubuntu machine. You’ll need to have the packages for gcc and make installed on your system in order to compile Skipfish from it’s sources. Once you install these, download the Skipfish package from the project download page. Once you download it, unzip the files to a folder of it’s own and head over to that folder in your terminal window and issue a make command by just entering this in the terminal.

make

After the package compiles you can test to see if it was successful by issuing the following command in the terminal

./skipfish -h

This should show you a the Skipfish help screen. If you don’t get that, check the make output to see if there were any errors during the compile process.

Once you get Skipfish compiled and ready on your system, head over to their documentation pages to learn more on how to use this to tool to scan your site.

This tool creates a html report of the scan in the output directory you specify and the output looks like this:

Skipfish has a highly optimized HTTP handling which allows you to achieve up to 2000 requests per second on servers which can take that load. It also doesn’t depend on the technology you use to host and build your web application.

If you’re interested in what types of scans are currently implemented on this tool, here’s what it supports (from their documentation page):

• High risk flaws (potentially leading to system compromise):
  • Server-side SQL injection (including blind vectors, numerical parameters).
  • Explicit SQL-like syntax in GET or POST parameters.
  • Server-side shell command injection (including blind vectors).
  • Server-side XML / XPath injection (including blind vectors).
  • Format string vulnerabilities.
  • Integer overflow vulnerabilities.

• Medium risk flaws (potentially leading to data compromise)
  • Stored and reflected XSS vectors in document body (minimal JS XSS support present).
  • Stored and reflected XSS vectors via HTTP redirects.
  • Stored and reflected XSS vectors via HTTP header splitting.
  • Directory traversal (including constrained vectors).
  • Assorted file POIs (server-side sources, configs, etc).
  • Attacker-supplied script and CSS inclusion vectors (stored and reflected).
  • External untrusted script and CSS inclusion vectors.
  • Mixed content problems on script and CSS resources (optional).
  • Incorrect or missing MIME types on renderables.
  • Generic MIME types on renderables.
  • Incorrect or missing charsets on renderables.
  • Conflicting MIME / charset info on renderables.
  • Bad caching directives on cookie setting responses.

• Low risk issues (limited impact or low specificity):
  • Directory listing bypass vectors.
  • Redirection to attacker-supplied URLs (stored and reflected).
  • Attacker-supplied embedded content (stored and reflected).
  • External untrusted embedded content.
  • Mixed content on non-scriptable subresources (optional).
  • HTTP credentials in URLs.
  • Expired or not-yet-valid SSL certificates.
  • HTML forms with no XSRF protection.
  • Self-signed SSL certificates.
  • SSL certificate host name mismatches.
  • Bad caching directives on less sensitive content.

• Internal warnings:
  • Failed resource fetch attempts.
  • Exceeded crawl limits.
  • Failed 404 behavior checks.
  • IPS filtering detected.
  • Unexpected response variations.
  • Seemingly misclassified crawl nodes.

• Non-specific informational entries:
  • General SSL certificate information.
  • Significantly changing HTTP cookies.
  • Changing Server, Via, or X-... headers.
  • New 404 signatures.
  • Resources that cannot be accessed.
  • Resources requiring HTTP authentication.
  • Broken links.
  • Server errors.
  • All external links not classified otherwise (optional).
  • All external e-mails (optional).
  • All external URL redirectors (optional).
  • Links to unknown protocols.
  • Form fields that could not be autocompleted.
  • All HTML forms detected.
  • Password entry forms (for external brute-force).
  • Numerical file names (for external brute-force).
  • User-supplied links otherwise rendered on a page.
  • Incorrect or missing MIME type on less significant content.
  • Generic MIME type on less significant content.
  • Incorrect or missing charset on less significant content.
  • Conflicting MIME / charset information on less significant content.
  • OGNL-like parameter passing conventions.

You can get more information about Skipfish and download it from their project site on Google Code.

Links:
Skipfish Project on Google Code
Skipfish Documentation
Skipfish Downloads

I’ve been tinkering around with Python on the N900 and this one one phone hackers will love. You can make the phone do almost anything you want if you know a little bit of scripting. I picked up a bit of python to try making a call blocker which was missing for the N900, and this is what I came up with. You can read how to do that with Python in the article I wrote on MyNokiaWorld – Block Unwanted calls on your N900. You can even configure the Notification lights on the Phone by editing a configuration file.

Now how about a script which detects if the phone is in your pocket and automatically turn on the vibrate mode? I found someone who wrote up a Python script which does this for the N900 here – http://talk.maemo.org/showthread.php?t=44484

I’ve just begun exploring this phone in my free time, but it’s a great phone if you’re looking for a customizable phone and you do know Python or some Linux programming.

Here’s another article from our Guest Blogger Dr. Abhishek Puri on Opera. You can read his previous article here and here

Ever since I have shifted to Ubuntu, Open Office has remained static in it’s appearance; I am counting over 6 years of “free open source software use”. The ideological underpinnings not to use closed source software ever has not yet blinded me to the eye candy and the functionality of other systems. This is not a gripe session but Open Office is found wanting in it’s approach. It’s good thing to be standards compliant, it’s good to have cross platform availability but it sucks to have a jaded look because one doesn’t really have a choice. Indeed a paradoxical situation.

Downloading and installing to use K office is a pain because they have implemented the product in a manner which throws out user friendliness out of the window. I am not a KDE fanboy but clearly having few default “settings” that works also makes sense most of the times. It feels buggy and bloated and clearly not in the best of the “open source implementation”.

Contrast to this is perhaps the only product from Microsoft that works to some extent is their Office platform. It has been criticized ad nauseum because of the “additional options” it provides but it works and is a huge money spinner for the company. Another notable mention is Apple’s Keynote software that consistently gets scored high on usability, themes and transitions.

Why is that the developers from Open Office have not been able to innovate? In retrospect, it seems as if they are trying hard to emulate the previous versions of the closed source systems and bring out a functional product. Truth be told. Open Office is definitely a vast improvement over the previous versions. I use Impress heavily and I can testify clearly that ability to add tables and images has vastly improved over the previous versions. Animations and slide transitions are more or less static in their development but they deliver the goods specially when over the top eye candy is not required.

The difference in the approach is for other software. I had the opportunity to see Keynote in action recently and was totally wowed by the implementation. It is not even surprising that Google spews out thousands of results to turn the computer into a Mac lookalike. The usability is definitely a concern but Apple does provide a fresh perspective to it’s operating system and it’s various tightly integrated components. Ubuntu is inching closer but yet too far off for practical purposes.

This is not to say that anything free cannot compare to closed source alternatives. The debate usually centres on individual perspectives. It is all about choice. Yet, I do feel let down because my Ubuntu Box cannot match the best in the world for Office Applications.

It is no wonder that Ubuntu wanted to let go of Open Office for it’s netbook edition. It is bloated, eats up huge amounts of memory and would definitely be a pain for underpowered processors. They wanted to settle in for Google Docs with Gears implemented; it would have been a huge commercial spin off for them too. The idea is to implement Open Office as a lean mean application with eye candy and extensibility.

Interestingly, on their ideas implementation Wiki, Open Office does aim to “ape” Apple’s keynote. Unfortunately, there is no “out of the box” idea to justify this.

I am typing this out on Google Docs because it would let me email this presentation in couple of clicks. All the more practical approach. I can also collaborate with others to edit it and it works for me if I don’t demand anything extra from it. Very soon Google would be streaming advertisements too. It keeps a back up of all my past write ups although this is unhealthy reliance on cloud computing.

As I had mentioned, this is not a gripe session but an earnest need to improve upon open office beyond it’s jaded interface. This would bring in more “respectability” as well as more users, in my opinion. Ultimately it’s about increasing the user base and claiming 100 million users on the website is not going to help. Most of them, on any given day, would still want to use addictive eye candy.

Here’s another article from our Guest Blogger Dr. Abhishek Puri on Opera. You can read his previous article here.

We are so much used to the proprietary systems that it seems the “open source alternatives” may not be able to “stand up to them”. For example, the open source alternative to MS office is Open Office (including a suite of other programmes but then it is all about choice). For an average user, the predefined set task flows are good enough. Yet, there is an inherent resistance to change because the open source options don’t always feel “like” the way “standard” option does.

Hence it makes sense to stick on to products with options for cross platform approach. I have been using Opera as my standard desktop browser, which may sound antithesis to my said approach towards Open Source as a whole. The very fact that Opera has a commitment towards “Open Standards” and to “free up the web” from the evil eye of “Explorer” is a motivation enough to stick on to this browser.

Opera has had a solid reputation for innovation. They came up with tabbed browsing way before anyone even thought of that. Firefox as a “spin off” from the doomed Mozilla product is in many ways an “open source clone” of Opera. It has sought to “generate” a whole ecosystem of “extensions” with a very buggy approach towards it’s browser as a whole. The software is stunted in it’s approach and the Mozilla Foundation has neither a coherent acclaimed goal nor depth of thought process to implement it’s flagship product.

Opera has followed consistent path to dominate the browser market through mobiles and game consoles but has raised serious issues of privacy concerns. In any case, the vast majority of us nevertheless have been relying on so called “cloud computing” with no iota of debate about the same. Privacy can never be guaranteed on the Internet with variety of methodologies to hunt your browsing habits. Barring this, the product is sheer joy to use because of it’s intuitive interface and the fact that it works across the platforms. Which means that user choices are similar across the platforms and it is just a matter of synchronizing with Opera’s servers.

This isn’t about Firefox bashing but it’s competitors have a pathetic approach which makes Opera “stand out” in comparison. Coming back to where I started from. Opera has it’s native feel in Unix, BSD or even Solaris and across the “dominant platform”, Microsoft Windows.

Two notable events are worth mentioning. One is that Opera’s implementation of Widgets which can run on any platform independent of the browser; almost like an “extension library” as for other browsers like Firefox and Chrome. The other is implementation of user sharing experience of Unite. This is brilliant because it allows for a simple file transfer protocol to be implemented from the browser; while not in the strictest sense of the term but nevertheless, makes file sharing across the various connected systems a breeze.
Firefox has a lot of catching up to do; it uses up a lot of memory footprint, eats up bandwidth and is bug prone. Neither it has a mobile version but it remains a pathetic implementation of Open Source. Worse still, it cannot even package for Unix systems; instead relies on old “tar” archival format.

Should closed source systems be allowed to be ported on open source systems? This is indeed a matter of debate but then again it all boils down to personal perspective and user choice. The whys and hows are best left to be answered according to one’s approach to the solution.

I did have an issue with Opera’s 10.10 default installation in Ubuntu. It used to randomly freeze my “X” screen. This was a documented bug mentioned on the forums but there was no quick work around. Opera is implementing the new version of it’s Carakan based browser very soon and has significant amount of resources devoted to the same. They must beat the Mach deadline before MS starts shipping with it’s service packs and allows for a browser choice. For obvious reasons, Opera wants to have a stable release of it’s justified claims of the “fastest browser”.

Any alternative to Opera like Chrome is less than perfect solution. I have had to add extensions downloaded from Chrome website to make it functional as I was used on Opera. It’s ad blocking and handling of RSS feeds sucks majorly and I truly miss the in built mail client and RSS reader with occasional IRC chats as all in one solution.

The newer beta for Windows is truly a revelation. I still have to get used to something better than this. The page loads up in a jiffy and handling of resource intensive web sites is simply amazing. Opera’s engineers have worked truly hard to make an astounding product and justify the tag of the world’s fastest browser.

It would take some time before Opera 10.5 is available for other platforms; nevertheless, the wait is truly justified.

The debate between closed and open source can never have a clear winner. But everything is finally dependent on the freedom of choice and it is imperative that we become aware of such a choice too.

This article is written by a friend of mine, Dr. Abhishek Puri. He’s a doctor who’s a technology freak on the side. He dabbles around with Open Source software and is a strong advocate for the Open Source community. Here is his experience with setting up Ubuntu 9.10 on his latest laptop.

My search had been on for a system that would work on Linux flawlessly. For the past few years, I have come to love the reliability and the stability of Ubuntu and with it’s more frequent updates which give me the “best” in the desktop appearance. With an anemic RAM in the previous version, I could ill afford to run multiple applications, turn on anti aliasing of Open Office or even risk the opening up of multiple tabs while running Opera. At risk of a system freeze, it was still a workable and a usable laptop. The present day era is of 64 bit processors and it’s hard to justify their routine use for a casual user. Nevertheless, it has never been the user’s prerogative to choose.

A search in most of the electronic showrooms was quite disappointing. Most of the laptops on display were infested and infected by bloated crapware called as Windows. With jacked up prices for fancy video cards, it drove me away as I had a limited budget. I went running to my old trusty vendor who showed me a nearly perfect laptop for my needs with preloaded DoS. More than that, it had a great combination of a motherboard, an Intel chipset and integrated Wifi.

The Live USB version of Ubuntu worked great and after a quick lspci command in the terminal, I put down my hard earned money for a Compaq system.

The first thing was to format the hard drive, load up Ubuntu, apply the updates and viola a nearly perfect system was ready to use. After the mandatory load in of plug ins to ensure playback of restricted formats, it was all set up.

The only major issue surprisingly was with Opera 10.10. It used to crash the X randomly with the screen freezing up and an unresponsive keyboard. In any case, there was no solution from the forums except that I could try out Qt4 version. I decided to chuck it in favor of waiting for Opera 10.5 which promises to be a fab release due out for Unix in couple of months. I was indeed sore that the Windows version would be released first as they have huge amount of resources dedicated. This is because, Microsoft has been forced to give an option to consumers regarding the choice of browsers and Opera had been behind this landmark anti trust case. It only goes on to prove that Unix platform does offer a choice; but Opera has “cold shouldered” the Unix community as a whole since any reported bugs get scaled down on a lower priority till the new version comes out in the beta or the final release.

There is a plethora of browsers to choose from in Unix; yet I settled down on very remarkable and wonderful Google Chrome. It’s one of the most exciting software to have been released in recent times and although it doesn’t have the functionality as Opera in it’s default form, there are numerous extensions available for the same. Frankly, I have never been too happy about the extensions per se because I feel that the browser ought to have the key features built in. In any case, it all boils down to a personal choice though. For my mail and RSS feeds, I found that Evolution is a good alternative to Opera’s both inbuilt mail as well as RSS reader although the format has not really changed in the past few years. Yet, it works the works and I do miss Opera.

The icing on the cake is perhaps oodles of RAM being able to support Compiz Fusion and it’s brilliant and awesome effects. It’s sheer eye candy customisable to the nth detail and a great execution of details. Full kudos to the developers who have developed various plug ins; my favorite is the “burn” effect which burns down the window when you close it. You Tube is full of videos on this and it is indeed a school boy’s fantasy come true to own such a thing. Day in day out, I am fascinated by various effects and Mac Os looks pale in comparison in many respects.

It would not be feasible to run a full scale comparison with other platforms; this write up only details my purchase, the customization, the software and of course, the choices made. Your own experience may vary or some of the readers would want to defend the “latest” Windows 7. Yet, my arguments stay in place that “free” open source software can outperform the “closed” systems by a mile.
Ubuntu 9.10 is a great option; admittedly, there are tons of other distros that would have their adherents too. But then Open Source is all about the choice.

I’ve been using the Kindle ever since they started selling and shipping the international version. I find it a great device to carry around with all my favourite books on it. It also helps in cutting down the book shopping I usually indulge in when I’m at the airport. If you are looking at free content for you Kindle, first look around the Amazon Kindle store itself. If you set your address to USA in the Kindle Management Interface (http://kindle.amazon.com/), you’ll suddenly find a lot of titles have just turned free. Just sort by price (low to high) to see all the free content. If you set your country to the US, don’t download the books through the Wireless connection, or you’ll be charged $2 for the transfer. Just download them to your PC and transfer the files through USB.

If you’ve got lots of books in other formats, I had a lot of books in Mobipocket format which I used to read on my mobile phone, you’ve got to check out Calibre. It’s a cool software which allows you to move files in other formats like epub, mobi, doc or PDf to the Kindle. It actually transforms the file into the Kindle format and transfers it to your device. Here’s a video of Calibre in action.

I use it as my library management system, where I keep all the ebooks I buy on the web. Remember that Calibre can support only non-DRMed content, which means if you have an ebook which is tied to a device, you can’t read or process it on Calibre.

The best part is that Calibre is available on Windows, Mac and Linux. Click here for downloads.

Links:
Calibre Project Page

Here are some webinars from Zend which you may find interesting:

Webinar – PHP Development Best Practices: The Untold Story of Geekville
January 19, 2010 – 9:00 am PST – your computer via webex

Have you ever wondered how you could advance your PHP development? Have you considered using an Integrated Development Environment (IDE), an Issue Tracker or a Version Control tool, but were concerned about how complex it might be? Taking PHP development to the next level may be easier than you think.  Attend this webinar, hosted by Atlassian and Zend More Information/Registration

Webinar – Troubleshooting PHP Issues: Best (and Worst) Techniques
January 28, 2010 – 8:00 am PST – your computer via webex

Understanding what’s causing your PHP application to be slow or just break is often time-consuming, and almost always frustrating. Join this information-packed webinar, delivered by a senior Zend PHP consultant, to learn what techniques PHP professionals use for pinpointing PHP issues in development, testing and production. More Information/Registration

I just came across a great tool for transcoding videos in Ubuntu. HandBrake is an open-source, GPL-licensed, multiplatform, multithreaded video transcoder, available for MacOS X, Linux and Windows. They’ve also got Ubuntu installers which make it easy to install this available in a GUI and a commandline version. Using handbrake you can convert your DVDs or most other video formats to the following outputs:

• File format: MP4 and MKV
• Video: MPEG-4, H.264, or Theora
• Audio: AAC, CoreAudio AAC (OS X Only), MP3, or Vorbis. AC-3 pass-through, DTS pass-thorugh (MKV only)

To install Handbrake you can either download the deb installer for Ubuntu from their download page. You can also add this to your apt sources so you get updates to the program automatically. To do this, type in the following into the terminal (works in Karmic)

sudo add-apt-repository ppa:handbrake-ubuntu/ppa
sudo apt-get update
sudo apt-get install handbrake-gtk

For more information on Handbrake, head over to their site handbrake.fr.

via WebDevOnLinux

Here’s a free PHP Ebook from Bruce Perens’ Open Source Series. More about this book:

In this book, PHP 5′s co-creator and two leading PHP developers show you how to make the most of PHP 5′s industrial-strength enhancements in any project—no matter how large or complex. Their unique insights and realistic examples illuminate PHP 5′s new object model, powerful design patterns, improved XML Web services support, and much more. Whether you’re creating web applications, extensions, packages, or shell scripts—or migrating PHP 4 code—here are high-powered solutions you won’t find anywhere else.

Review PHP’s syntax and master its object-oriented capabilities—from properties and methods to polymorphism, interfaces, and reflection

• Master the four most important design patterns for PHP development
• Write powerful web applications: handle input, cookies, session extension, and more
• Integrate with MySQL, SQLite, and other database engines
• Provide efficient error handling that’s transparent to your users
• Leverage PHP 5′s improved XML support—including parsing, XSLT conversions, and more
• Build XML-based web services with XML-RPC and SOAP
• Make the most of PEAR: work with the repository, use key packages, and create your own
• Upgrade PHP 4 code to PHP 5—compatibility issues, techniques, and practical workarounds
• Improve script performance: tips and tools for PHP optimization
• Use PHP extensions to handle files/streams, regular expressions, dates/times, and graphics
• Create original extensions and shell scripts

If you’re a software developer new to PHP, you’ll leap quickly into PHP and its new object-oriented capabilities. If you’re an experienced PHP programmer, you already recognize PHP’s convenience and simplicity. Now, discover all of its extraordinary power!

Free Ebook download: Download PHP 5 Power Programming (PDF)
If you like this book and would like to order the Print book, check out Amazon’s deals on PHP 5 Power Programming.