Recent Posts

501

Living Room / Re: silly humor - post 'em here! [warning some NSFW and adult content]

« Last post by app103 on January 18, 2015, 11:05 PM »

502

Living Room / Re: silly humor - post 'em here! [warning some NSFW and adult content]

« Last post by app103 on January 18, 2015, 09:28 AM »

(see attachment in previous post)

-crabby3 (January 17, 2015, 01:44 PM)

Some front hallways (mine) aren't all that less creepy, when lit.

503

Living Room / Re: silly humor - post 'em here! [warning some NSFW and adult content]

« Last post by app103 on January 14, 2015, 05:57 PM »

I thought it looked familiar...it's a Facebook game.

http://www.game-insi.../en/games/my-country

-app103 (January 14, 2015, 09:24 AM)

Can these games be played offline?   When looking at 'Enchanted Realm', my first thought was "I wonder how many people play cross-gender?"

"I want a computer that will drive them crazy. I want a computer that will drive them mad." Number#1 song of mad scientists.  Apologies to John Cougar Mellencamp .

-Arizona Hot (January 14, 2015, 04:38 PM)

I believe they are all social games to be played online.

504

Living Room / Re: silly humor - post 'em here! [warning some NSFW and adult content]

« Last post by app103 on January 14, 2015, 09:24 AM »

I'm putting this here because nobody here takes Windows 8.1 seriously(presuming this only works there).
 (see attachment in previous post)
My Country app for Windows in the Windows Store

-Arizona Hot (January 13, 2015, 08:44 PM)

I thought it looked familiar...it's a Facebook game.

http://www.game-insi.../en/games/my-country

505

Living Room / Re: ALERT! FreewareBB shutting down. And with a warning from Marko?

« Last post by app103 on January 11, 2015, 09:01 PM »

Here's the scam (seems like it is targeted at the less internet savvy age 12-14 script kiddie wannabe demographic).

They promise what that group wants, but have no intention on actually delivering it. Instead, they present a set of options, that no matter which is chosen (to get the code) they make money. You visit a page, install software, or anything else they tell you to do, and they make money...but you will never get a code, nor will anyone's Facebook account actually be hacked.

That's the whole scam, in a nutshell.

You would not believe how many times these kids fell for it and filled out that form. And if they would fall for it back then, kids would just as easily fall for something similar today. The difference in this case would be that instead of someone using the form to alert the intended victim of that kid's intent, they are using it as a money making opportunity, presenting them with sponsored activities.

-app103 (January 11, 2015, 07:43 AM)

Sure.

I'm no expert, but maybe I've at least made it to "junior high" as a kiddie sniffing out trouble.  : )

So I did my digging just to save some of the raw click-work for everyone else, just to get it out there, which your post cap-stones.

I was carefully evaluating options as I went along. To borrow the old joke, I was looking at :
1. Do X.
2. Do Y.
3. Do Z
4. ?????

A very similar "structural scam engine" could have gone a couple of ways. I did notice when I rebooted today a couple new things are also there on bootup, so later I'll have to go unhook them. But a stray extra toolbar didn't seem too bad to deal with. I took the guess that I wasn't going to end up with a botnet zombie node and it looks like I didn't ... I think. (Do botnet zombie comps still look like they work for the user?)

So of the several "scam templates", I was mostly interested in shedding some light on "which menu item off the list did they go for".

And at least the news is out, so we know that former good site is in trouble, and maybe if he can ever rebuild his brand, he can just re-stick the content on a new site and learn his lesson and not sell it this time, or give it to someone else.

-TaoPhoenix (January 11, 2015, 03:46 PM)

We have 2 different scummy entities here. "Scummy Webmaster" and "Scummy Developer".

Scummy Webmaster, more than likely, they didn't create the software or the installer you installed on your computer. They most likely got paid for the referral when you installed it.  This is really slimy affiliate ads/referrals to less than stellar 3rd parties that promise payment for every referral...aka Scummy Developer.

Scummy Webmaster buys a site with decent traffic (FreewareBB) for the purpose of using it to make posts that directs traffic to their scammy sites, like hackfacebookpass, where they do the referring to a 3rd party (Scummy Developer), promising you something they have no intention on delivering (the code). You click an option, any option, and Scummy Webmaster gets paid. End of story with them.

Anything extra you end up with on your computer from installing anything, is the fault of the Scummy Developer that is paying them to send them the referrals.

I don't need to do any click work, no looking into who owns what domain name, what web hosting company they use, etc. looking for anything. I know how they think. I have dealt with their kind before, on a personal level. They want the easy money, which comes from gullible script kiddie wannabes actually believing if they click an offer they will get that code that was promised. They probably have another site that promises a free iPad...and another that promises free WoW gold...etc., etc., etc., which they plan on making posts linking to them, on FreewareBB, in the months to come.

506

Living Room / Re: ALERT! FreewareBB shutting down. And with a warning from Marko?

« Last post by app103 on January 11, 2015, 07:43 AM »

Here's the scam (seems like it is targeted at the less internet savvy age 12-14 script kiddie wannabe demographic).

They promise what that group wants, but have no intention on actually delivering it. Instead, they present a set of options, that no matter which is chosen (to get the code) they make money. You visit a page, install software, or anything else they tell you to do, and they make money...but you will never get a code, nor will anyone's Facebook account actually be hacked.

That's the whole scam, in a nutshell.

A friend of mine once set up a similar set of pages, after getting tired of explaining why script kiddie wannabes were never going to learn how to hack Hotmail/Yahoo in his programming chat room. Except his pages actually did do something, just not what the script kiddie wannabe was wanting or expecting. It had a form on it asking for 2 e-mail addresses (theirs and their intended victim). Then it told them that the next time their victim logged in, they would be e-mailed their victim's password. What it actually did was immediately send the intended victim an e-mail alerting them that there was someone interested in hacking their Hotmail/Yahoo account, and giving them the e-mail address of the script kiddie wannabe that filled in the form. 

You would not believe how many times these kids fell for it and filled out that form. And if they would fall for it back then, kids would just as easily fall for something similar today. The difference in this case would be that instead of someone using the form to alert the intended victim of that kid's intent, they are using it as a money making opportunity, presenting them with sponsored activities.

507

Living Room / Re: silly humor - post 'em here! [warning some NSFW and adult content]

« Last post by app103 on January 08, 2015, 10:46 AM »

"Thanks for contacting us about this job. You already passed the typing test."

508

Living Room / Re: Text/Research Book Request Thread

« Last post by app103 on January 07, 2015, 02:33 AM »

I found a few Ebay listings you might be interested in.

Transforming Company Culture GBP 0.99
Culture's Consequences US $32.95
Images of Organization US $2.99

509

Living Room / Re: Want to be in my story? See inside.

« Last post by app103 on January 05, 2015, 11:15 PM »

That's awesome! 

510

Living Room / Re: Want to be in my story? See inside.

« Last post by app103 on January 03, 2015, 04:48 AM »

lol at the bunny ears!

-superboyac (January 02, 2015, 09:41 AM)

It's the easiest way to provide a hard to miss visual indicator to my family that I am working and should not be bothered.

I originally wanted a tiara with a skull (bother me & you die), but couldn't find one that was reasonably priced, unless I wanted this one.

511

Living Room / Re: Want to be in my story? See inside.

« Last post by app103 on January 02, 2015, 06:20 AM »

I need more female characters, so they get priority.

-superboyac (January 01, 2015, 04:41 PM)

* app103 waves at superboyac

Hi there!

I have very large blue eyes, I'm chunky, have long hair, glasses, I wear bunny ears while I am working, and I am so pale that my skin glows in the dark. I don't wear dresses, high heels, or makeup, but it's not because I am a tomboy. I just like being comfortable.

Everything else you can base on your impression of me or just make it up. Have fun!  

512

Living Room / Re: silly humor - post 'em here! [warning some NSFW and adult content]

« Last post by app103 on December 31, 2014, 11:18 AM »

How to win...

513

Living Room / Re: silly humor - post 'em here! [warning some NSFW and adult content]

« Last post by app103 on December 31, 2014, 11:18 AM »

Why do they have to scan a bar code off a card except to piss you off if you don't have the card on you?

-MilesAhead (December 30, 2014, 04:50 PM)

You don't need to have the card on you. Walgreens lets you enter your phone number into their little credit/debit card thingy. I do it all the time. Also, some of your purchases will earn you points (some, a lot of points), which are valued at $0.01 each and can be applied to future purchases. I am almost at the $10.00 level, at which point I'll cash them in. (I could do it now, but I want to wait)

514

Living Room / Re: Most popular topic at Donation Coder?

« Last post by app103 on December 30, 2014, 03:58 AM »

Well, all statistics can be found on the stats page (hidden in the 'Forum Stats' section near the bottom of the forum front-page), where one can also see that 40hz is the number 3 top-poster (right after mouser and renegade)

-Ath (December 29, 2014, 04:10 PM)

I used to be in the top 10, but then I had to start spending my time trying to earn a living.  

But I did manage to solve over 30,000 support tickets since September 2013. 

515

Living Room / Re: silly humor - post 'em here! [warning some NSFW and adult content]

« Last post by app103 on December 30, 2014, 03:54 AM »

Ren, I wasn't sharing the whole thing...just that page about Finland. 

516

General Software Discussion / Re: new Site for my Software

« Last post by app103 on December 30, 2014, 03:10 AM »

I have paid hosting. They give you web space, but no domain name. You have to supply your own. There is no URL to point anything to.

but what i really don't understand is the original dominion.
Because the tk is not really a dominion.

What is your actual web ?
 

-Contro (December 29, 2014, 07:21 PM)

Things have changed at .tk. You can now use their domain names just as you would a typical .com, by inserting the name server info given to you by your hosting company into .tk's configuration for your domain.

This is far better, as now people can bookmark and share the actual pages on your site, instead of the whole site loading in an iframe.

The way you are doing it, you only have example.tk, all pages are that iframe, and you can not have something like example.tk/downloads/page.html like the site I set up for Miles.

Take a look at one of my (unfinished) sites to see what I mean: http://arussoprojects.tk/  Click around the site and look at the addressbar in your browser. Compare that to what you see on your site. 

517

Living Room / Re: silly humor - post 'em here! [warning some NSFW and adult content]

« Last post by app103 on December 30, 2014, 01:00 AM »

Does Finland actually exist?

518

General Software Discussion / Re: new Site for my Software

« Last post by app103 on December 29, 2014, 02:49 PM »

This is not the old fashioned way of loading a site in a .tk frame. I was using the .tk domain name as a normal domain. So, the site currently still there, but has no domain name and can't be reached till it does have one. I am working on trying to recover the original .tk one.

It was not cancelled due to a lack of visits. I have the name for a full year at a time (renew every February), no minimum number of visits required. I need to wait till I hear back from support as to what they want me to do to recover it (if it can be recovered).

519

Living Room / Re: Slur you're going to hate it.

« Last post by app103 on December 26, 2014, 07:38 AM »

Sounds like Slur is pretty much done before the popcorn stopped popping. And it's very possible the 2 stories are related.

520

Living Room / Re: For better security, maybe it's time to abandon e-mail?

« Last post by app103 on December 23, 2014, 05:01 AM »

Just for conversation's sake... what would that look like from the abstract?  Maybe we can hash it out?  Any thoughts?

My requirements for adoption are simple.  Not real-time, and not brief form- though it would support almost real-time and brief form communications.

-wraith808 (December 22, 2014, 12:12 PM)

So far we have:

• not real-time - but timely
• not restricted to brief form

I'll add:

• fully decentralized - no persistent servers or trackers
• non-logging protocol
• encrypted end-to-end, with primary encryption done on the local machine -
  (note: additional encryption layers may also be added further down the chain)
• some type of "trust" mechanism between peers to minimize risk of "man in the middle" attack vector
  which ideally would also serve to identify "poison" peers
• mechanism to identify tampering attempts with messages
• integral tombstone/self-destruct mechanism available for all messages with "delete after reading" as the default. "Save this message?" must be specifically invoked (a simple push button, check box, or right-click will do) for each message in order for it to be retained.
  
• to preserve message store security, encryption is "always on." Messages are only in an unencrypted state when being displayed. Unopened messages are left encrypted. Saved messages are automatically re-encrypted on close. Deleted message are zero overwritten in background.
  
  
  

What else?

-40hz (December 22, 2014, 12:42 PM)

What else?

-40hz (December 22, 2014, 12:42 PM)

How about an option to totally disable the receiver from saving the message?

"This message will self-destruct in 5 minutes" (or upon closing).

-Deozaan (December 22, 2014, 04:39 PM)

There goes most support desk software and the best monitoring & training mechanism for support desk personnel. Without being able to import requester messages into a system, pass those messages between agents, keep a permanent, searchable log of all incoming messages and their responses, tying those individual conversations to customer accounts, etc. a lot of what support desk agents do via things like Zendesk, will not be possible.

521

Post New Requests Here / Re: IDEA: Specialized folder/file cleanup script

« Last post by app103 on December 23, 2014, 04:27 AM »

It worked beautifully. Thank you! 

522

Post New Requests Here / IDEA: Specialized folder/file cleanup script

« Last post by app103 on December 22, 2014, 11:24 PM »

I have a need for a specialized cleanup script that will delete files & folders according to the following rules:

I have a main folder that contains a number of subfolder with dates as their names, following this format: YYYY-MM-DD

Within those subfolders can be any number of files & folders of unknown naming convention, unknown depth.

What I need is something I can drop into the root folder which when run will check the date named folders and will delete the ones (and whatever may be within them) in which the names correspond to dates older than 2 weeks old, regardless of the actual age of the folder. (it's possible the creation/last modified date may not agree with the folder name)

I need to be able to run it without providing path information at each run, without any confirmation dialogs, without any visible windows, without any prompts or messages about there being nothing fitting those parameters to delete, etc. And it needs to exit when it is done. I do not want to be bothered or interrupted when this runs. (whether you want to send the deleted stuff to recycle bin or not is up to you, but I do not want a dialog asking me if that's what I want to do, every time this is run)

I will be running this as a daily scheduled task to remove content that has been shared via dropbox, to solve support issues more than 2 weeks prior, to ensure the customers will only receive the latest version of the content. I don't want them to be able to download it 3+ weeks later without asking for new links/new content, due to the high probability of there having been revisions and/or corrections to that content.

If there is anything about this that you are unsure about or do not understand, please ask and I will clarify it.

523

Living Room / Re: Website access for someone in a temprarily Down Zone

« Last post by app103 on December 19, 2014, 12:48 AM »

I need to be able to be 1000% certain that they could not accidentally do anything to their normal setup since this is a once in a blue moon occurrence caused by forces unknown at this time.  I cannot risk making any changes to their normal browser or laptop

-questorfla (December 18, 2014, 05:39 PM)

The httptunnel software is an app that runs on your system and only provides the tunnel while it is running, and only for those apps that have been configured to use it. Everything else will work normally on your system and not use the tunnel.

I do recommend using a portable browser more for convenience than any thing else, to avoid having to configure, and reconfigure each time you want to use it or stop using it, and this can be any portable browser that can be configured to use a SOCKS proxy. I don't know anything about a portable IE, I don't use IE.

But I have checked and both portable Pale Moon and portable Firefox can be configured to use this.

One you have configured the browser to use it, it's as simple as launching the tunnel software, waiting for it to connect, then running the portable browser. When you are done, close both and go about your life.

As long as you are not making any configuration changes to your regular browser, nothing should go wrong.

As far as setting up a portable installation of the tunnel software on a flash drive, I do not know if that is possible. I was not referring to using a flash drive in my response. Perhaps the word "portable" threw you off? I only mentioned that because the browser would be self contained and any changes made to it would not affect their default browser. It doesn't need to be placed on a flash drive. It could very well sit in a folder on their hard drive, with a shortcut to it on their desktop.

I would suggest you download and try the free low speed service they offer and configure a portable browser to use it. Then you will understand how it works and the experience will probably answer most of the questions you might have about using it, and also allow you to be able to explain it better to them.

524

Living Room / Re: Website access for someone in a temprarily Down Zone

« Last post by app103 on December 18, 2014, 05:25 PM »

They can try this: http://www.httptunne...tp_tunnel/client.asp

I have used this one before. They have a free service, but it's at dialup speeds. If you need faster, you have to pay. A month of service is about $5.

They can try the software and see if they can get it configured and working first, on the free service, before considering paying for faster speeds.

This works for more than just browsers, too. Works quite well for some P2P software/networks, IRC, instant messaging software, etc. It works with any software that can be configured to use a SOCKS proxy.

Years ago, Martin used it to access my chat room, MSN, and a bunch of other stuff, when the ISP at his college dorm instituted protocol blocking (everything except http/https was blacklisted by default). And the company has not raised their prices in over 10 years. It's still the same $5/month.

If they travel a lot and run into this problem frequently, it might make sense for them to have the software installed and a portable browser configured to work with it. Then it's just a matter of running their software and starting up the portable browser whenever they have a problem. No need to have to configure it more than once, and with the free service it's always ready, on standby, and won't cost them anything to just have it ready to use.

525

Developer's Corner / Re: Silder Revolution (not Wordfence) Hacked

« Last post by app103 on December 17, 2014, 12:58 AM »

The web development company I work for has a client that got hit on Sunday. I discovered it, just as I was about to do some work on his site and couldn't log in.

A little more info on this...

Over 1200 themes sold on ThemeForest were vulnerable to this back in September, around 300 of which were never patched...and the users of the themes that were patched, most did not receive notification that they need to update their themes. (which is how our client got bit)

ThemeForest also gives away a theme or template every month, so any collectors out there most likely has at least 1 vulnerable theme in their collection that can not be updated (freebies don't come with updates).

You can find the list of vulnerable ThemeForest themes, here: http://marketblog.en...ews/affected-themes/

And this is only the ones they know about that had the vulnerable plugin integrated into it. If the designer never mentioned it in the theme's description, then it's most likely not on the list and the vulnerability status would be unknown.

And there could be more premium themes from other designers and theme shops that are vulnerable, as this premium plugin seems to be a very popular one that premium theme designers love integrating into their themes.

And this is why I hate premium themes and plugins. For most of them, there is little to no support for automatic update notification. You can end up with a ticking time bomb and never know it, till it's too late.

If these were a free plugin and themes from the official Wordpress repository, users would have been notified through their admin panel and/or email as soon as an update was available, with most of them being given the opportunity to fix the issue as far back as 3 months ago. And it's dead simple to update if it's from the repository...one click & it's done. With premium themes & plugins from ThemeForest, it might not be so simple, as they are not known for designers that follow best practices when it comes to keeping the theme or plugin separated from the site's content.

And if you get hit with this and have no idea how to clean up your site, it will cost you plenty to have someone do it for you. Securi charges $99 to clean up a site hit by this, and the company I work for charges even more. It could have been really bad for our client, who luckily only had 1 site hit, even though he has used the same vulnerable theme on a bunch of sites.

He found the problem using Wordfence

I found out where's the problem with Wordfence

If you are referring to

/wp-includes/template-loader.php
/wp-includes/js/swfobject.js

Those are not Wordfence files, if a plugin uses WP's Includes folder to insert js and php files I would not use it to start with...

-rgdot (December 14, 2014, 04:04 PM)

How are the updated one's not Wordfence's files if the fix is to re-download the archive?

I'm not sure... I wasn't affected.  I just figured someone might benefit from knowing in the case that their site was displaying the same symptoms.

-wraith808 (December 14, 2014, 04:08 PM)

Wordfence is a security plugin for Wordpress that can detect this malware. The fix is not to re-download the Wordfence archive...it's to download the Wordpress core files and reinstall it, overwriting the affected files. Then either update or remove the Revolution Slider plugin, or the premium theme that has it integrated into it.

Now this is a good starting point to finally replace WordPress by a static blog generator.

-Tuxman (December 15, 2014, 03:27 AM)

Totally not necessary, when the problem is not Wordpress itself, but an outdated 3rd party add-on. If we applied that kind of logic to OSs, we would have to get rid of them all, as there are exploitable outdated 3rd party apps available for all of them.