KnowTeBook - Webworkers Daily Milk » security

How To Hack Feedburner Subscriptions

Knowtebook — Sat, 09 Aug 2008 11:21:13 +0000

We are glad to have all the submitted links and sites during the past couple days, because we could enlarge our horizon as well (thanks to all of the submitters!) and found a post by Stefan Vervoort. Unbelivable and possible! Boris Veldhuijzen van Zanten has manipulated Feedburner in 2 minutes and had over 2.500 new subscriptions over night by just changing the code of your website and using netvibes.

So advertisers must start to overthink the influence of feedburner subscriptions when measuring websites for advertisement.

While the hack still works, Joop Dorresteijn is happy to tell you that Google and Netvibes are working on a solution to the problem. Steve Olechowski, co-founder Feedburner mailed him and said: “These things happen occasionally and are usually fixed in a couple of days”, he added that the feedburner counts do not influence advertisement measurement. Franck Mahon from Netvibes said: “We are working on a fix to filter out in the reporting the duplicates while still allowing people to add several instances of the widget to their startpage.” When things get fixed, it would be interesting to see the differences on some sites.

Security: Ultra High Security And Unique Passwords

Knowtebook — Thu, 17 Apr 2008 18:11:43 +0000

Most passwords have a length of 6 to 12 characters. They are kind of safe, but a hacker has tools to get them cracked. So it is even more and more important to have a password which is really unique and can not be displayed a second time. GRC, Gibson Research Corporation, has developed a generator which is generating long, high-quality random passwords. So here is some totally random raw material, generated just for YOU, to start with. In newer wordpress versions such a unique key can be put into the wp-config.php. It will make your blog a safe it can be.

What makes these perfect and safe?

Every one is completely random (maximum entropy) without any pattern, and the cryptographically-strong pseudo random number generator we use guarantees that no similar strings will ever be produced again.

Also, because this page will only allow itself to be displayed over a snoop-proof and proxy-proof high-security SSL connection, and it is marked as having expired back in 1999, this page which was custom generated just now for you will not be cached or visible to anyone else.

Therefore, these password strings are just for you. No one else can ever see them or get them. You may safely take these strings as they are, or use chunks from several to build your own if you prefer, or do whatever you want with them. Each set displayed are totally, uniquely yours — forever.

The “Application Notes” section below discusses various aspects of using these random passwords for locking down wireless WEP and WPA networks, for use as VPN shared secrets, as well as for other purposes.

Easy To Use HTML Encoder

Knowtebook — Sat, 09 Feb 2008 21:23:21 +0000

The obfuscating HTML encoder is an easy to install PHP script that obfuscates all your HTML output into a coded form, making analysis of your HTML pages almost impossible.

photo credit: rpongsaj

Works particularly well with Internet Explorer, used by over 90% of internet users, (see statistics), where image and text copying is also prevented.

Domains: urlto - Verfolgung von Links verhindern

Knowtebook — Sat, 09 Feb 2008 21:23:21 +0000

Jede Website protokolliert die Herkunft der Besucher mit, d.h. jeder Link von Ihrer Website wird im sogenannten Referrer-Log aufgezeichnet und ist so nachvollziehbar. Mit urlto.de können Sie dies umgehen, denn dem Empfänger wird keine Möglichkeit gegeben die Herkunft des Users einzusehen.

photo credit: AMagill