Sunday, February 22, 2009

Privacy is dead in the European Union

Privacy is deadAccording to recent news, cops and government security services do not any more need a warrant to hack into other's computers. This was done, following the proposals by the European Union about extending use of intrusive surveillance.

At present, authority has to be granted by a chief constable. But, this level of authority does mean a blow to personal privacy. The common man is the loser here.

Opposing political parties and privacy organizations are threatening a legal counter attack.

According to other reports, 194 police hacking operations were already accomplished in England, Wales and Ireland in the last two years.

But all in all, the common man is the real loser, as no doubt these powers that have been granted to the police officials will some day or the other, be misused against people for personal reasons.

IT-Panel: Police can hack into your PC

Capatcha: No more secure

Capatchas have long been the basis of security in many ongoing web services. Capatchas have been used to provide security against bots and automated systems, that try to sign up, brute forcing site passwords, posting articles etc. Capatchas have become the very foolproof verification that whatever is trying to access a particular page is a person and not a machine.

But now, even CAPATCHAs are vulnerable to getting cracked. Researchers from Simon Fraser University and Berkeley University have found out ways to counter attack the system of Capatchas. No more will any bot be debarred from doing whatever it is designed to.

The researchers have programmed a system, that can crack Yahoo capatchas with a success rate of 92%. The researchers include Greg Mori from UC Berkeley Computer Vision Group and Simon Fraser University and Jitendra Malik from UC Berkeley Computer Vision Group.

The research had been published in NEWS articles back in 2002. I'm not sure if Yahoo still uses the system they'd been able to crack, but their research does prove that even Capatchas are vulnerable and further research could even bring the current Capatcha technologies down on their knees.

The basis of the algorithm

The algorithm was based on simple image recognition algorithms. The same algorithms had been used to recognize people, objects or text in images. They simply used that algorithm and named their project EZ-Gimpy.

Their original work can be found here.

assertTrue(this): How CAPTCHAs can be beaten

Sunday, February 1, 2009

Making a mail list from all mailing addresses lying around

I was recently on a project of spreading words about my new magazine, for which I was not getting contributors. The best idea I could think of, was to mail people and let them know about it. So, I got out all mail addresses from my orkut account, my address book, and some mail list that used to email all recipients in one go, from which I got most of the addresses. Now, the problem was that, I could not make it typing 1070 email addresses in the To field of my email client. I had to get them in one csv (comma separated value) list. This article would rather be a how to on this topic. I wrote programs for that, whose source code is freely available here along with makefiles and a readme file.

  1. The first thing was to get the list in a file in some format. The mail list was the first target, which had many addresses. So, I had them in space (' ') separated format. So, I wrote a program eliminateduplication, which will also eliminate the duplication of email addresses, that is two addresses in the same list, and give the output in another file in csv format.
  2. The second source of addresses was Orkut. I pulled out all contacts in csv format. But, this time it had the names as well. So, I had to open it in a spreadsheet program. Although I used Open Office, Microsoft Excel will do fine. Then all I did, was copy the specific column containing the email addresses, and pasted in a file, where the addresses got separated by Enter. For this, I used the program crlf_to_space, which will take input from the file maillist.13 and put it in a space separated file maillist, which can be later put in maillist.csv.
  3. The last thing I did, was open the maillist.csv file in a text editor (kwrite, gedit and notepad are examples), and copied the whole list to the To field. The problem was solved.
The programs are made with standard C functions. So, the program should compile with any gnu compatible compiler, like gcc in Linux and mingw in Windows. Other compilers will also work, but one will have to compile the individual files, because the Makefile is GNU compatible.

  • Do not delete the maillist file, because any later additions can be done to it, and eliminateduplications will just write those in csv format to maillist.csv, overwriting any existing addresses.
  • Download your gmail contacts in csv, and copy email addresses as instructed earlier. Then use crlf_to_space, to append those addresses to the maillist file. This will not overwrite the already existing addresses in that file.
  • After this, use the eliminateduplications program to save the space separated email addresses in maillist to maillist.csv in csv format.
  • These programs can be useful in gathering various email addresses from different locations, and using them all in one go, without having to type the individual messages.
Download The Mailing List Project: