You wake up at 4:23 AM on an SMS saying: "your blog is hacked!". 
What would you do?
What if, you weren't able to access your server because hackers changed your passwords?
You manged to reset your passwords, accessed your server to apply corrections and things are running smoothly (w heik), what if your backup dates from the last month?
What if, you had no backups at all? 
Would you cry? I would have definitely cried.
Back to the realm, when it comes to blogs and websites security, it's not always your programmer's mistake (though most of time it is), sometimes it's yours; and it's doubled when you are your own programmer.
Wordpress, Drupal and other platforms installations are secure but common mistakes come from the publisher's level, especially when you are a journalist on the fly publisher.
Considering security in general, it is a trade of Usability and Functionality. Too much ease-of-use and functionality kills security, where too much security kills them both.
You don't know your enemies, nor their skills, nor their resources; hacking techniques became so easy that unexperienced kids can hack you within 3 clicks - occasionally, hackers are hired to unethically hack other people, others hack just because they can. Are you afraid? 'guess you are or else you wouldn't have been reading this.
On the other hand, human hackers are not the ones who only attack you, Gauss White is a typical cyberespionnage example that targeted the Lebanese banking sector back in August 2012.

Here are the commonly met security mistakes/misconfiguration

"Everything you said on the internet might be soon used against you"
(photo from
Internet security and privacy during the upcoming weeks might dive into disastrous repercussions :
Due to the solemnity of the recently discovered security loopholes (stated subsequently), 2014 is nominated to be the year of credential theft, online payment fraud and privacy violation.
Taking into consideration hackers' notorious motivations and skills: "not profiting from this occasion will go unforgivable"; By exploiting the discovered vulnerablities all together, internet security might face the darkest ages that internet itself will strive to disremember.
If you are too lazy reading technical stuff, you may directly jump down to the recommendations section.
While music genres differ in the types of neurological stimulation they evoke, listeing to music in the morning affects the mind deeper than any other time of the day, results in terms of physiological and psychological progressions have always been underrated.
#DailyZouwedeh or زَوّادَة اليَومِ has been my each-and-almost-every morning musical food since summer 2009: It is the musical track that suites my morning coffee and cigarette depending on my state of mind.
In this post, I wrapped up all the daily zouwedet from 2013 in one post just for the record of musical mood progression/regression over the year.
It's important to note that the hashtag is not proprietary and everybody is invited to make use of it (especially when I die).
People don't ship with user manuals, same applies to the other type : `The Security Phreaks`.
Whether you dated on purpose or by mistake the `security girl `or `security guy` (a.k.a. InfoSec, Information Security, IT Security or simply a Hacker), here are some instructions that might be helpful to tweak and maintain a sustainable, fruitful relationship full of joy, happiness and those shits.
If you are into security stuff, the below will help you understand yourself more.

Today featured the 2nd Solar eclipse for this year, the first one (on May 10, 2013) where the total phase was seen by australian citizen and dolphins of the pacific ocean. The 2nd one happened today (Nov 3, 2013) its full phase was seen by citizen of equatorial Africa and dolphins of the North Atlantic.

As for Lebanon, the full phase wasn't visible and the eclipse didn't reach more than 20% between 15:14 and 16:38 of the day, reaching a peak at 15:58.

While fake photos about this event went viral showing more than 50% of lunar penetration in the solar disk (shown at the bottom of this page), below are some of my photos shot today from Bhannes, North Maten.

While a full moon is supposedly omnilighten (same light level distributed over the disk surface), yesterday night wasn't any regular case. The moon underwent a Penumbral Lunar Eclipse where the surface showed subtle changes and the bottom part  looked darker than the rest of the dish.

An Umbra is the innermost part of the shadow where the ligh source is totally blocked.
The Penumbra is the 2nd layer of the shadow where only a part of the light source is blocked.

Yesterday's phenomenon was a Penumbral Eclipse, this happens when the moon passes through the earth's penumbra where only slight changes happened over the moon surface. 

Comparing the below photos, the moon a bit darkish from its left down side (2nd photo) caused by the shadow of the earth. Note that this effect cannot be easily detected by a naked eye.

Supposedly you don't intend to swindle your friends, if any of your mates invites you to an event at Hotel Le Royal Dbayeh to propose a business plan - Don't go, unless your time is free as a free bird and the invitation is free as a free beer.

Some people are renting halls there and will try to persuade you, rip you off and rip off your friends under the title of "The future is now". This post resumes my prematurely-ended story with Bonopha/Kyoob7 scam and its connection with the real world order.

The main purpose behind is to make people aware of the rencently propagating scam and prevent future one that might affect our society and Before proceeding this, I suppose you are familiar with the Pyramid Scheme fraud concept and Gold Mine Int. (GMI) - the scam that invaded Lebanese universities for the last 6 years where many of our friends lost big amounts of money.

Most often you find yourself in a coffee shop surfing the internet, uploading files to your FTP server or updating your blog.

In case you are familiar with Man in the middle attacks I don't expect you doing any of those stuff under untrusted WiFi (same for wired ones), else you should think twice before executing any activity under public access points.
Scared? Well you should be !

Usually coffee shops (places you go to buy/drink coffee from) cannot afford expensive APs that prevent such attacks, having in mind that executing them can be easily done by script kiddies using hacking tools with few clicks.
To avoid being prey for such attacks you can make use of the below script that I developed and use in Public networks.

Historically, 'Tri Martolod' used to be sang by Breton sailor men in the 19th century. Alan Stivell found this song in breton musical books and was the 1st to export it to the outer world.

Before it was cool, this traditional song was buried with dust and Breton folk when Alan Stivell decided to rearrange it and remaster a rock version with folk influences.

I knew this famous Celtic tune for several years but never thought about digging into its roots neither knew the original title. After that 'Inis Mona' (the death metal cover version) refreshed my memories, and that a friend of mine helped me identify the title of the original song, duty called ! Some studies should have been done about its origins and the most common ripoffs that I remarkably liked.

[Here is another and easier method to reset your router admin password, this tutorial is compatible with D-Link DSL-2640U (ADSL Router). ]

After being billed for 200,000 LBP, a friend of mine contacted me today suspecting neighbors for stealing his bandwidth. After trying endleslly to contact Ogero support to reset the router password and switch to WPA encryption with no sucess, we were left with the only other option... DIY!

The problem with this ISP, knowing that you payed the router's price, it's inside your premises and is supposed to be you propriety, is that they don't provide you with the administrator access over your router.
Additionally, the applied configuration is weak which results in an (ab)used bandwidth.

Syndicate content