Hack my PC

My Dell Windows XP PC had a sticker on it that say “Please hack me”.

Well, I didn’t see the sticker. Not for a while. I read a very basic article on hacking by Roger Grimes at Infoworld. He talked about passwords sniffed from wireless networks. Their encryption broken in a matter of seconds. I thought it was too easy, it couldn’t be. I had to try it myself. I hopped over to insecure.org downloaded Cain & Abel installed it and was ready to go. Cain is a sniffer + cracker. I had to see for myself.

It took me less than five minutes to sniff the traffic on my private network, send it to the cracker and launch a dictionary attack on the SMB traffic collected. I found two vulnerable accounts, “Administrator” and “Guest”. Both accounts had *no* passwords. The Administrator account was especially worrisome – it never showed up under the account list in my XP control-panel. I never even knew it existed. I had never logged into it (XP offers to create a user account with administrator privileges at install-time). The Administrator account is also my system ‘root’, pardon my reliance on Unix jargon.

Dissapointed in myself, I quickly peeled the sticker off by disabling the two accounts. Maybe I can fix the vulnerability comprehensively by eliminating my dependence on Windows entirely.

Generics in the Java Programming Language

Sun introduced Generics with Java 1.5 recently.

Whenever a developer created a Collection in older versions of Java, he had to rely on run-time checking to enforce type safety in the Collection. Run-time checked does provide flexibility. However, 90% of the time, Developer’s never really designed to use that flexibility. Imagine creating a Collection of different types of Objects with nothing in common, how often would one have to solve a problem that required just that? Even in that 90%, 10% of the time, that flexibility was abused. Now Imagine writing an interface that takes a Collection as an argument. Let’s say there exist two different implementations of that interface (or template) that expected a Collection each with types that differ from the other. The horrors, the interface designer never intended the interface to be used in that way. Thus, interchangeability is not enforceable.

I just did rely on anecdotal evidence to justify the use of Generics. A very obvious example.

Yes, Generics is just as much a fix as it is a feature.

This is my repository of articles and people on Generics.

Generics in the Java programming Language. [Sun.com]

Generics in the Java programming Language. [Sun.com] — A tutorial by Gilad Bracha.

Bruce Eckel’s Java weblog. [Artima] — if your not happy with just the tutorial but want to look at the advanced material, hop over to Eckel’s journal and follow his Generics blogs. Or, 🙂 just get your own Blog up and running and send me a link.

Generics in the Java Language

Sun introduced Generics with Java 1.5 recently.

Whenever a developer created a Collection in older versions of Java, he had to rely on run-time checking to enforce type safety in the Collection. Run-time checked does provide flexibility. However, 90% of the time, Developer’s never really designed to use that flexibility. Imagine creating a Collection of different types of Objects with nothing in common, how often would one have to solve a problem that required just that? Even in that 90%, 10% of the time, that flexibility was abused. Now Imagine writing an interface that takes a Collection as an argument. Let’s say there exist two different implementations of that interface (or template) that expected a Collection each with types that differ from the other. The horrors, the interface designer never intended the interface to be used in that way. Thus, interchangeability is not enforceable.

I just did rely on anecdotal evidence to justify the use of Generics. A very obvious example.

Yes, Generics is just as much a fix as it is a feature.

This is my repository of articles and people on Generics.

Generics in the Java programming Language. [Sun.com]
Generics in the Java programming Language. [Sun.com] — A tutorial by Gilad Bracha.
Bruce Eckel’s Java weblog. [Artima] — if your not happy with just the tutorial but want to look at the advanced material, hop over to Eckel’s journal and follow his Generics blogs. Or, 🙂 just get your own Blog up and running and send me a link.

What the Bleep do we know?

Before you go out and watch the movie, you should consider that the movie only presents one point of view [Wikipedia.org]. Not all Quantum physicists believe that the Quantum physics is connected to conciousness in the way the movie describes it. In fact those who do are in the minority.

Now I don’t even remember who recommended it to me. I wish I could speak to him and let him know about this.

In the end I guess I am interested more in efficacy, a narrow view that might hurt.

What about Ramtha’s school of enlightenment [Wikipedia.org]. Not a very credible school.

Hack my PC

My Dell Windows XP PC had a sticker on it that say “Please hack me”.

Well, I didn’t see the sticker. Not for a while. I read a very basic article on hacking by Roger Grimes at Infoworld. He talked about passwords sniffed from wireless networks. Their encryption broken in a matter of seconds. I thought it was too easy, it couldn’t be. I had to try it myself. I hopped over to insecure.org downloaded Cain & Abel installed it and was ready to go. Cain is a sniffer + cracker. I had to see for myself.

It took me less than five minutes to sniff the traffic on my private network, send it to the cracker and launch a dictionary attack on the SMB traffic collected. I found two vulnerable accounts, “Administrator” and “Guest”. Both accounts had *no* passwords. The Administrator account was especially worrisome – it never showed up under the account list in my XP control-panel. I never even knew it existed. I had never logged into it (XP offers to create a user account with administrator privileges at install-time). The Administrator account is also my system ‘root’, pardon my reliance on Unix jargon.

Dissapointed in myself, I quickly peeled the sticker off by disabling the two accounts. Maybe I can fix the vulnerability comprehensively by eliminating my dependence on Windows entirely.