Thursday 20 May 2010

Top 5 'new-age' Dictionaries

Dictionaries is the home of words. The list is according to their awesomeness, the most awesome one is at last. Although, i'm pretty sure you will have to try each one of them. The list contains two software, i had been partial choosing the list as Mac and Linux users already enjoy in-built dictionaries and the poor windows users has to download one. No otiose crap, every element is different.


Wordweb
It is a software, a lightweight software that runs in the system tray. To look for meaning of a word, select the word, then Ctrl+Alt+W or Ctrl+Click the word. The small dictionary pop-ups and magically shows the meaning. I was previously using Wordweb pro version 4, it was all i needed but had no support for google chrome so had to upgrade to version 6 free version.


Onelook
It is the meaning of internet. In a true sense, i use it as a word finder. Use operators to find new words that make sense to you. The website is suffice to understand the importance of it.
 

Urban Dictionary
Things get short, internet has provided a boost to english as a language. It is dictionary by people. That's the reason that every word ever spoken in the backwaters of this planet is even in this thing.The old fun: Try seaching the your name in it, you will be fascinated. If not, then just add a new definition!



Google Dictionary
Yes, google even has a dictionary. It shows quotes that were in news in the recent past. Below the usage examples it displays some links to other dictionaries also. I use it for the defining the word in simple language. As you can see in the screen shot, it is a multi-lingual dictionary. Every widely spoken language is included.



Visual Thesaurus
I'm sorry but it is the only one not free. That was also the reason i didn't wanted to include this but It is the dictionary for fun. If style is what matters to you, it is one of those softwares on your computer that you want to show to the world. Not quite popular however best of it's kind. Try this free online version/emulator of the dictionary, though the software is a lot more cool. Each branch with different color represent a different thing. That wow thing. It is also available for Apple users.
Cost: $40
Simply vacuous fun.

I strongly think that if i had to pick any one of them, breaking the rules, i would choose the in-built dictionary of Mac as the best one.

Update:
Google Chrome Extension
I noticed that there is a google chrome extension called Google Dictionary, since most of us need it when on web, it can be quite a handy tool.
Ubiquity
Wikipedia is neutrality is amazing. I too want to be neutral, a Google chrome extension means another add of Firefox one. You will find many dictionary addons on Firefox, but no one has that aura. Ubiquity is not really a dictionary, it is much more that that. Aza Raskin started this lab experiment it had to be great. To get the definition select the word on page press Ctrl+Space, in the interface that comes on type define. Here is the video by himself explaining it all.


Ubiquity for Firefox from Aza Raskin on Vimeo.

You know something more kewl? Please leave a comment.

Wednesday 19 May 2010

Intelligent Phishing

Not much days ago, Twitter warned users of a phishing attempt. After clicking the infected link, they landed on a login page that was indistinguishable in terms of design from the original twitter login. After you gave your credentials, it redirected you to twitter home page(as you were never logged out). It was though a simple idea, many fell for it. Thus, hacked(err.. Technically 'Cracked' ).


Anyway, it's the most real trick. The villain can get your password, without a try, and you are giving it to him. No offense, but it a truth universally acknowledged that few of :) people on Social Networking sites are nincompoops. Hence, easy targets.

They fall for tricks like phishing. As it is, not quite difficult, find a free host and make the page look like login page of say twitter. Now what you have to do is, to get somebody visit the link. In the optimistic world, it'll be quite good if you even got login credentials of 1% of users visited.
[Image: Toastyken]


Well.. that was easy. There is quite high chance you already know about this. wait, there is something more.


Tabnabbing aka tabnapping!?
First of all, tabnapping?? the name is crazy. still getting used over the web now.This is the latest and the most intelligent one. You visit the page of bad guy, it's normal and informative now. With many more tabs open, the site of bad guy loses focus. Thanks to Javascript he detects it and changes his page's favicon and content to that of Gmail.com. You return to the tab, thinking you need to login, thus enter your credentials. All done. Again, this is Aza Raskin!



But, wait a second, are we so stupid to not remember we have gmail login open? maybe not this time, you can't be attentive every time! Hugely inspired by traditional phishing, they'll redirect you to the original page once you've entered the information(no matter right or wrong!). Obviously, you were never logged out. There is a creepy presentation Aza Raskin has on his page. Goto the link, after the page has loaded. get busy with another tab, after at least 5 seconds come back. Whoa! it has Gmail icon and whole page looks like that. Aza says, he was too lazy so he rather just showed the screenshot of gmail login. You get the idea it is possible.

Preventing Phishing
Not getting into what needs to be done with browsers, although the very complexities. It is a normal phishing attempt, just keep your eye on the URL. When logging into great things.
Any mis-spells, additional suspicious domain are the signs of phishing. and particularly avoid using full-screen mode of browsers while you login to any service.
One of the more secure thing is to make firefox remember your password, so whenever there is a login prompt firefox will fill it for you. In case it didn't, you'ld get some instinct or suspicion that the site's not right.

Desktop Phishing
Now this defines awesome. The bad  guy can get your username password even if you are on the right page. That is you login from the right page like http://www.twitter.com/login still you are falling for the trick!
How? See the video.




Note:Ok you googled it now? You will not find much about it. I am not big enough to interpret what is going on behind the scenes. But surely it has to do with security, normal bugs to be public is not a huge thing. Since, the potential of so called 'Desktop Phishing'. It is scary and without a cure today, that might be a reason why it is not something you have heard of.

So what he did is, he modified a system file that operates the TCP/IP protocol. How he modified it is even more simpler, compressed the file to be modified in sfx extention(it will extract itself). Obviously you won't start it anyway, so it is along with a legit software like teamviewer. Now every time the victim visited paypal.com, he is actually visiting the fake paypal page from the bad guy. The login button does nothing but saves your credentials in some file. Every noob in the cyber cafe at the corner of the road can do this.
Even more than that, imagine it's use on public computers. The computer owner may himself modify the file. Every one opening http://www.facebook.com for instance will first fall on his clone, after giving the credentials he can be redirected to the original facebook login which can lessen the suspicion of the user to a great extent.

How to prevent from this thing?!!
The only solution is to, use only official and trusted websites for downloading any piece of executable code or file. The way it is extracted and the type of file it is, no Anti-virus will warn you. Actually, no will know.
To the threat to public computers, i'm still unable to find a cure there. Comment if you do not agree! Surely, Desktop Phishing is the best way to 'phish'.
You don't need to be paranoid here. There is someone claiming that they'll alert you whenever the HOSTS file is edited, try inquiring about it. I'm not sure of its credibility.

How Secure is your Browser?
In most cases, we think Firefox is a reliable browser(It is, even Chrome Safari and IE are pretty much. No browser treats your privacy like facebook does.). It'll warn us, on many sites it does. But.. the speed and ease you can register a new domain(especially free ones) it is impossible for a browser to stay up to date with the amazingly new ways hackers find to bypass security. In real world, it never matters that Firefox saved you 100 times from phishing, still for the only time you are 'cracked' the loss is no less.
Here Gercek Karakus tells you how open you are when on web. Similar example StartPanic!
If they still seem a low threat, imagine a phisher who first knows which service do you use on the computer, and then present you the login page of same service. You'll not be able protect yourself every-time. or someone who first knows which bank you use then present you their login screen saying "Your login has expired!" which is normally what they show.

I'm sorry if you've freaked out. But that is windows. :P
Download Virtualbox, and install Ubutnu on it. For more information, here is Tutorial. Once you get used to things in Ubutnu, you can prepare for dual boot. Linux are the safest systems out there and FREE too! FYI I don't belong among those Free and Open source software(FOSS) junkies, rather i think the energy they waste hating windows could have been better utilized if they wrote few good pieces of code for *nix. In a nutshell, windows is your native OS, keep it. But don't be blind to the world outside.

Internet is awesome technology but not at the cost of intrusion of user's privacy. Stay safe.
Related Posts with Thumbnails