June 28, 2011 § 7 Comments
It was the day before our second year of MBA was to commence, and four of us dorm mates and batch mates were dining out at an open air (read roadside) restaurant. It wasn’t very fancy, but was near to IIM Ahmedabad, served good non veg stuff and was cheap. Being a little finicky about hygiene, I preferred consuming mineral water instead of the water that the restaurant was serving. While we were having dinner, a poor beggar lady and her kid arrived at the perimeter of the restaurant and they were asking one of the waiters for water from the restaurant tap. The waiter asked them to come later and shooed them away. I went to the restaurant manager and asked him to provide them with a bottle of water and food and charge it to our table. To be frank, the items I ordered for them were just enough to suffice two adults (though I doubt if they have ever had a wholesome meal anyways) and the items weren’t exactly the most rich/costly/delicious items on the menu. Good deed done, we were happy, had our meal and left the place.
Fast forward two days, we were exiting a posh Bengali restaurant in Ahmedabad after having had a sumptuous, overpriced dinner that cost nearly half the monthly income of an average Indian (India’s per capita income being around $1000) , when we found a frail old man with a limp trying to sell incense sticks outside the restaurant at 11pm in the night. We bought two packets of his stuff, despite them being slightly overpriced, content that we somehow contributed towards a meal for him and his family. Such do gooders we are.
After getting back to the dorm it set us thinking, why does this frail old man have to sell incense sticks at the dead of the night to make ends meet (barely so if at all)? Why did that poor woman and her less than 10 yr old son have to beg for water while people nearby were wasting food? Few days later I saw the same old man again selling incense sticks near another food joint. This old man will probably die an unknown death, may be because of natural causes, a stroke or even a heat stroke. Same goes for the lady. Her son will probably grow up to become a migrant worker. If either of them suffer from a major disease, there will be no doctors or treatment for them. They will simply suffer and die.
Why is it that some have excess of what they need and can’t figure out what to do with it while others do not have enough to survive? I am sure Capitalism and free market have done a lot of good. We can see it ourselves; just compare India before and after liberalization. But what about the poor? With 38% of India being poor and with 8 Indian states having more poor people than the 26 poorest African nations, how can we or the government just ignore them? We as Indians have become so accustomed to seeing beggars in the street that we don’t give a second look at them. Last year I was interviewing exchange students for an article, and at least half of them said that one of the things that they noticed when they landed in India is poor people. “I know you ignore them but for me it was stark and really a very new experience,” said one of them. They were not trying to belittle India and in their defense they had a lot of nice things to say about India, Indians and their batch mates at IIM-A. We are so used to seeing poor people that we don’t really feel for them. We sit comfortably in our cars, windshield up and AC on, while the poor kid is trying to sell you flowers (often at exorbitant prices) at a traffic signal.
So what can be done? For one, we need not just provide free compulsory education, we also need to provide enough incentives for the parents of the child to send him to school. And it should not just be limited to primary or secondary education; higher education should be free if need be. Scholarships and fee waivers are a means to achieve that. Of course, scholarship should be meaningful; INR 5000 a year as scholarship is nothing but a sad joke. And not just government colleges, private institutions too should be brought under the ambit of this. And yes they will come. Education in India is a huge and thriving business, and these private institutions will still be making money even if they admit at least 25% non fee paying students. Oh yes, coaching classes too. Not every parent can send their kid to Bansal Classes for INR 75,000 to prepare for IIT JEE; put another INR 100,000 for food and stay and it’s 4 times the per capita income of an average Indian parent. Coaching classes make pot loads of money even after paying upwards of INR 10,000,000 to some of their star faculty. Why not pass a bill to allow poor students to sit for their entrance tests and admit them for free if they clear it? Housing for those students can be provided at school or college hostels at the tax payer’s expense (assuming 200,000 students come to Kota every year to prepare for IIT-JEE/AIEEE/AIIMS/PMT and the housing and food for each student cost INR 3,000 per month, it would come to INR 600,000,000 or just INR 60 crores; compare that to the notional loss of INR 1,760,000,000,000 in the 2G scam alone).
Capitalism, while it creates enormous wealth, causes constant innovation and gives us better and better products and services, also results in concentration of wealth in the hands of a few, thereby creating divides. I have nothing against someone driving a Mercedes (even I aspire to own one someday) but have objection to people not even getting the basic necessities needed for a dignified living. Why is it that Mukesh Ambani lives in a multistory million dollar palatial house while another lives on the sidewalk? I am not saying we should become a communist nation (I don’t have a communist phobia either by the way) and attempt to distribute all wealth evenly irrespective of the person’s contribution. Communism is an unnatural system. People want rewards and incentives and communism takes that away, thereby giving people no reason to work hard or come up with innovations. That being said, the government needs to do more. While it is agreed that higher tax rates act as a disincentive for people to work harder and put in more hours, what is wrong with taxing the super rich even more? Does Mukesh Ambani really need USD 27 Billion or does Bill Gates really need USD 56 Billion? Does Mukesh Ambani, already India’s richest man and very publicly so, need a house like Antilia to prove his superiority over the other relatively poor neighbours in his ultra posh neighbourhood? Unless they want to buy out African countries and probably colonize the moon, they would not need this much money. What’s wrong then in taxing the very rich a lot more? Of course, you could say that they will have no incentive to create more wealth if the tax on them was raised. But would that really be a very big problem? A company like Microsoft or Reliance does not only run on the whimsies and fancies of its MD or CEO but also has to create wealth for its shareholders and employees, most of whom are obviously not super rich and would still have an incentive in seeing the company perform better and better.
Besides, it directly addresses the divide that capitalism creates. Bill Gates, to his credit, is doing a lot of good through the Gates Foundation and he has pledged to give away 95% of his wealth in his lifetime and that’s admirable. But a majority of them haven’t. Of course, my thinking may be naive and some of you may think I am nuts. And yes, legislation that attempts to do something of this sort will never be allowed to pass by the powers that be. So yeah, it’s mostly wishful thinking.
Whatever it is, wishful thinking or not, something needs to be done to ensure that every person on earth gets a dignified existence, a proper education, a house to live, food on the table, health care whatever the ailment may be. And while our eyes are fixed on the double digit growth dream, we should ensure that the less fortunate, the failures in the free market race, are not left very far behind.
Seriously do we ever think, when we are wasting thousands on alcohol in one night, about the plight of the less fortunate? How many of us will actually do something to address the problems of the poor in the next 1 month, 1 year or a decade? I am myself not very sure if I would.
A few countries (I believe one of them is Denmark) have done a lot to create an egalitarian society. I will need to research more on countries that have achieved high levels of equality and how they have done so. And yes, look at www.300house.com. Their aim is to build houses that cost USD 300 which should be affordable for a large section of poor people. I also recently ordered “Poor Economics: Rethinking Poverty and the Ways to end it” by Abhijit Banerjee and Esther Duflo which should be interesting.
Have to sleep now. Got a class early morning tomorrow. Do leave comments. Would love to know what you think.
June 26, 2011 § 58 Comments
Sunny Vaghela’s biggest claim to fame has been his discovery of the Orkut vulnerability that got him some airtime and his 15 seconds of fame. Some basic investigation led me to find a pre-dated advisory of the Orkut vulnerability (Net-Square Orkut advisory) released by Net Square (Pallav Khandhar and Saumil Shah) on January 31, 2007, a good 9 months ahead of Vaghela’s claim of discovery of the same. Not just that, Susam Pal and his colleague Vipul Agarwal again wrote about the same vulnerability (Orkut Server Side Session Management Error) on June 22, 2007, giving due credit to Net-Square.
There is of course the possibility, however small, that Sunny Vaghela did independently discover this bug well after it was found by Netsquare and he is unaware of the discovery by Netsquare. And we could give him the benefit of doubt for the same.
Sunny Vaghela has earned the distinction of being the third Indian to feature on the attrition.org Charlatan list right after Ankit Fraudia and Sahil Khan, not very great company to keep.
Susam Pal has also written about the same on his blog (The Orkut exploit). He has also posted the emails exchanged between him and me.
December 26, 2010 § Leave a Comment
I have heard a lot of my friends saying that one needs to finish ones studies all in one go because your desire and capacity to study goes down once you start working. I disagree. I think I have studied for far too long. All those things that I only read and never implemented. All those crazy ideas that I don’t yet know if they will succeed. No, I really need to get out there, do some work, real work, and see how it feels. I am sure I will get bored in a few years and be itching to get back to academic life. I will take the plunge back to academics, study with a renewed vigour, have fun, enjoy.
Disclaimer: Exams round the corner. Hence such thoughts
December 10, 2009 § 25 Comments
This is a continuation of the Ankit Fadia Demolition drive. Seems like it has become my most widely read post. Part of me is happy that I have been able to open the eyes of a few people. Part of me is surprised that among all the other awesome (yes they are) posts on my blog, people largely choose to read the one that tries to expose someone, seems like people love controversy more than anything. That said, I guess its largely because Ankit, and people like him, have hoodwinked the media and the people for far too long and such a piece is bound to generate interest. Thanks to all readers and others who have talked about it all over the internet.
So yes, coming back to the recent happenings, Ankit now anchors What the Hack! where he teaches the common man (rather should I say “the MTV loving, totally-ignorant-about-tech and very easily impressed 15-20 somethings” [Hey nothing against MTV or its viewers, I watched it too when I was a kid, though I don't get the time or opportunity to watch TV any more]) the nuances of hacking and such complicated and technically intense stuff as how to select a good password, use Google Labs features etc. But, no, we aren’t gonna talk about that.
Rather look at this interview of Fraudia on Hyderabad Times. Let’s discuss it a bit. It’s fun.
Hyderabad Times: Do you think like a criminal …?
Ankit Fadia: Yes, I do. If I don’t, I can’t hack their websites or decode their messages. It’s important for me to understand what is important for them and how far they will go in achieving whatever they undertake. I have to surpass their understanding and then think beyond to stop them from being successful in their plans.
Really. Why would you like to hack anyone’s website? Why would you want to deface sites? Is that supposed to be what he calls “ethical” hacking? As for defacing a website, I am not sure understanding “what is important for them and how far they will go in achieving whatever they undertake” will help you in breaking into a site. If I am not wrong, you gotta find security loopholes, learn about their systems, what version of which software they are running, maybe launch a well crafted buffer overflow etc. This is not some hide and seek, Bond type game. And who exactly has asked him to get information about “their plans”? And who are they? Why is he making it all seem like some vigilante style action?
HT: Having decoded an Al-Qaeda message and challenges thrown at you from Pakistani hackers, don’t you fear for your life?
AF: I have received threat calls. Just before a trip to Australia a few years back, I was told that I would not come back to India alive….. There are these three girls who have been continuously stalking me.
Haha. Even our movie stars, sports stars and ministers won’t openly say such things though many of them have probably got threats. And now he is also suggesting that 3 girls are stalking him. What? They will seduce him and then kill him. Naked Weapon style? And whatever the so-called challenges thrown at him by Pakistani hackers were, he failed all of them miserably.
HT: What makes you hack?
AF: I want to know everything about controversial people. I’d love to hack Rahul Mahajan or Rakhi Sawant’s mail IDs.
Really. What is he? A stalker, a voyeur? Only such people want to read others’ emails. I am sure neither Rahul Mahajan nor Rakhi Sawant is a threat to national security that the great “ethical” hacker and saviour of Indians, Ankit Fadia, has to read their emails.
HT: Do you hack your girlfriend’s and your friends’ IDs?
AF: Yes. Very often. I do that to see what’s happening in their lives. It’s for fun. But they get annoyed. So, after hacking, I tell them.
Poor girl. That is, if there is one. Seems like Fadia does not understand the meaning of the word “privacy”.
HT: Are you open to acting?
AF: Well, yes…if there is a good offer, I am game.
What can I say? Judge for yourself.
And also do take a look at Fake Ankit Fadia on Twitter (http://twitter.com/FakeAnkitFadia). This guy is awesome.
And finally for all those people who admonished me for doubting the credentials of Gujarat’s…nah..India’s pride and world renowned “ethical” hacker, Sunny Vaghela, here’s a little something. Under the “Research” section in Sunny’s website you will find “Orkut Hacking” (though I am not sure how any of that qualifies as Research; wanna see real research, read up stuff on acm.org or ieee.org). Here he has mentioned an Orkut vulnerability where the session cookie does not expire and therefore can be reused to gain access to someone’s Orkut account. Now, if you see this advisory you will find that this very vulnerability was reported by them already on 22nd June 2007. Not just that, as that advisory mentions, it was Netsquare that first found this vulnerability back on 10th Feb 2006. Susam and his colleagues republished it because the vulnerability was apparently not fixed by then.
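The flaw described above, a session that stays valid on the server whatever happens to the cookie in the browser, can be shown with a small session store. This is an added example, not code from this post, the advisories or Orkut; the class names, the user "alice" and the timeout values are assumptions chosen for illustration.

```python
import secrets

# Assumed policy values for illustration; the page gives no numbers.
IDLE_TIMEOUT = 15 * 60          # seconds without activity
ABSOLUTE_TIMEOUT = 8 * 60 * 60  # seconds since login, regardless of activity

CLEAR_COOKIE = "Set-Cookie: session=; Max-Age=0; Secure; HttpOnly"


class CookieOnlySessions:
    """Flawed pattern: the session lives forever on the server."""

    def __init__(self):
        self._sessions = {}  # token -> username

    def login(self, user, now):
        token = secrets.token_urlsafe(32)
        self._sessions[token] = user
        return token

    def logout(self, token):
        # Only the browser is told to drop the cookie; the server-side
        # record stays, so any saved copy of the value keeps working.
        return CLEAR_COOKIE

    def authenticate(self, token, now):
        return self._sessions.get(token)


class ServerSideSessions:
    """Hardened pattern: the server decides when a session ends."""

    def __init__(self):
        self._sessions = {}  # token -> {"user", "created", "last_seen"}

    def login(self, user, now):
        token = secrets.token_urlsafe(32)
        self._sessions[token] = {"user": user, "created": now, "last_seen": now}
        return token

    def logout(self, token):
        self._sessions.pop(token, None)  # invalidate on the server first
        return CLEAR_COOKIE

    def authenticate(self, token, now):
        record = self._sessions.get(token)
        if record is None:
            return None
        expired = (now - record["created"] > ABSOLUTE_TIMEOUT
                   or now - record["last_seen"] > IDLE_TIMEOUT)
        if expired:
            del self._sessions[token]
            return None
        record["last_seen"] = now
        return record["user"]


def user_after_logout(store, t0=1_000_000):
    """Who does a saved cookie value authenticate as after logout?"""
    token = store.login("alice", t0)  # constructed user and timestamps
    store.logout(token)
    return store.authenticate(token, t0 + 60)


def user_after_idle(store, t0=1_000_000):
    """Who does the cookie authenticate as once the idle timeout has passed?"""
    token = store.login("alice", t0)
    return store.authenticate(token, t0 + IDLE_TIMEOUT + 1)


if __name__ == "__main__":
    for store in (CookieOnlySessions(), ServerSideSessions()):
        print(type(store).__name__,
              "after logout:", user_after_logout(store),
              "| after idle:", user_after_idle(store))
```

The same two checks make a useful regression test for any login system: a token captured before logout or before the timeout must stop authenticating afterwards.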
Now I don’t know when Sunny went to the media with this vulnerability, but from this it seems this was sometime around October 2007 (Also after reading the post, it seems Sunny may have authored it under a fake name). So whatever it is, it wasn’t discovered by him first, if at all he did discover it independently (which itself sounds implausible). Also in this article at Techgoss Sunny claims that people from Orkut visited him when they learnt about his discovery. Now let’s set one thing straight, if representatives of large software companies like Microsoft, Google, Oracle, Sun etc would visit each and every person who found a bug/flaw in their software, they would have to dedicate quite a large number of people for just that. No one does that. Also when someone discovers a vulnerability, they prepare a proper report/advisory (like the one done by Susam or NetSquare) and publish it either on their site or on sites/lists like Bugtraq or on the mailing list of the particular project. They DON’T write a small paragraph on their site and go to the media with it. Have you ever seen anyone reporting Windows vulnerabilities on the daily news? No, that does NOT happen.
So that’s all for now. Will get back to learning Go now. I guess this post should be titled “Demolishing Ankit Fadia v 0.01 Service Pack 1 with Sunny Vaghela Vulnerability Critical Update”. What say?
Demolishing Ankit Fadia v 0.01 Service Pack 1 by Sandip Dev is licensed under a Creative Commons Attribution-Share Alike 2.5 India License.
The author of this blog does not bear any responsibility for any comments made by visitors on this blog.
December 6, 2009 § 10 Comments
Woke up at 11 in the morning, brushed my teeth and all…Sat down at my desk to study for the end semester exams tomorrow but did not feel like it…So decided to do something fun..
Twitter is quite popular and people are just dying to join up and tell everyone what they are doing, what they had for breakfast, when they are going shopping and other such ‘important’ details about their daily life, whether people care to listen or not. Nevertheless its a good service.
So yeah, coming back to the point. Long ago I had seen this shell script to tweet from the command line. And I have been into Python over the last few days, so decided to cook up one of my own in Python. Given below is the result of my last 20 minutes of work.
Caution: Won’t work in Windows because it does not have curl. Coming up with a Windows version soon.
Save the code in a file, say ‘tweet.py’. To run this do a chmod +x tweet.py and then just type ./tweet.py “Your message” and it will be posted. But before that, you will need to open up the tweet.py file and put in your Twitter username and password in it. Check out the third and second lines from the bottom. That is where your username and password go, inside the quotes. And you are all set.
```python
#!/usr/bin/python
import sys
from subprocess import call


def tweet(user, password, message):
    print('Hold on there %s....Your message %s is getting posted....' % (user, message))
    url = 'http://twitter.com/statuses/update.xml'
    # Pass curl an argument list (no shell), so quotes, $ or backticks in the
    # message are sent as text instead of being interpreted by the shell.
    curl = ['curl', '-s', '-u', '%s:%s' % (user, password),
            '--data-urlencode', 'status=%s' % message, url]
    if call(curl) == 0:
        print('Done...awesome')
    else:
        print('curl failed')


if __name__ == '__main__':
    if len(sys.argv) != 2:
        print("Usage: tweet.py <message>")
        sys.exit(1)
    message = sys.argv[1]  # the message is the first argument, not the whole list
    if len(message) > 140:
        print("Message too long")
        sys.exit(1)
    user = "barneystinson"  # put your username inside these quotes
    password = "awesomeness"  # put your password inside these quotes
    tweet(user, password, message)
```
November 16, 2009 § Leave a Comment
This is my personal blog (Please notice the emphasis on the word ‘personal’). Moreover, the Indian Constitution gives me freedom of speech and expression. These two facts imply that I am free to write whatever I want on this blog. Anything and everything that is mentioned in this blog is either my personal opinion or a verifiable fact or both. For example, when I say “ZFS is a 128 bit file system”, it’s a fact. If I say, “Ubuntu is better than Mandriva”, it’s my personal opinion. And I have every right to form a personal opinion and also to write it on my blog.
If any of the statements made in this blog, hurts the sentiment of any person and/or organization, I am extremely sorry for that. However, I will NOT take it off the blog. Those are my statements and I stand by them. If at any time in future, any of my opinions are proved wrong, categorically and with proper evidence, facts and arguments, I shall publicly admit the same on this blog. In fact, if I don’t, you are free to remind me of the same. I am open to facts and evidences and am ever ready to change my views in the light of verifiable evidence. But unless evidence to the contrary is provided or I stumble upon it, I shall not change my opinion.
However, this is a free world and you are entitled to express your opinion as much as I do. Therefore, if you think that any of what I have written is wrong as per your established views, you can leave those opinions as comments and I will publish them provided they are reasoned arguments and in a civil language, and I shall also answer to them. You can also try convincing me to change my point of view.
Lastly, I am not an expert on any topic other than squandering my parent’s money and wasting time. Therefore, my views expressed on this blog on any subject barring the aforementioned should be read with discretion. I can not and will not guarantee that whatever I say here is correct. However, I always strive to provide a correct and well judged viewpoint to the best of my mental faculties. But, like any human, I could be wrong. And as mentioned earlier, you are free to argue with me on that.
If you don’t like what I write, you can do either of the following
- Stop reading this blog and ask your friends to do the same. But, then, I don’t make money from this blog and therefore I don’t really care. This blog is for my friends to read and they will always come back.
- Publish another blog debunking me. However, I am not sure if I am that important to deserve such honor. Nevertheless, my best wishes if you want to do that. It will surely be fun to read.
- Sue me. But nothing’s gonna come out of it. I have a faint understanding of laws relating to blogging online and I can assure you, no clause of the IPC or IT Act will empower you to make a successful case against me.
- Leave comments telling me I am wrong. Please do that and I shall approve those as long as the language is civil and the arguments reasoned.
What you cannot do
- Please do not mail me with your grievances. You will not elicit a reply. If you want to communicate, do it as comments on this blog.
- Make a plea to stop me from writing or discussing about anything/anyone. I honor arguments not pleas.
- Try to call me and discuss your grievances.
- Try to get some mutual friend to call me and ask me to restrain myself. Not gonna work. You can however, drop me a comment wanting to talk to me and I might honor your request and if you so desire, I shall not publish that comment. It will be between you and me
- Spam my phone with SMS or calls. I shall straight way take the matter to the cops
Also understand that, it is not in my nature to slander any person or organization. I respect people and their abilities and consider that everyone is brilliant in their own ways. But as a human being, it is in my nature to form opinions. We do that all the time. However, I have no agenda against anyone. If I write against anyone, it is probably because I feel strongly about it and I want my readers to be aware of it. Again, I repeat, my opinions could be wrong. But I try my best to be right.
So bottom line: THIS IS MY BLOG AND I SHALL WRITE WHAT I WANT AND WHAT I THINK IS RIGHT.
September 26, 2009 § 204 Comments
We all know who Ankit Fadia is. He is a self-proclaimed child prodigy in ‘hacking’, a self-proclaimed ‘world famous’ expert in computer security and digital intelligence consultant (digital intelligence? Does he mean AI? I never heard this term getting used anywhere in print other than by Mr. Fadia, though I agree it’s a perfectly meaningful amalgamation of the two official sounding words ‘digital’ and ‘intelligence’).
However that picture of Ankit Fadia is very likely untrue and let me present a few findings so that you can decide for yourself. Please understand that the findings are either my own or collected from various websites. Wherever I have gathered info from any site, I shall mention the link so that you can find out. The information provided here is true to the best of my knowledge (and googling skills). And I request you to point out if I am wrong. The views expressed are my own and issues in public interest. I shall be constantly updating the information on this post as and when I gather more information on Mr. Fadia. Hence the v 0.0.1 at the end of the title.
So let’s begin with his profile on http://www.hackingmobilephones.com/courses/about.php . I will highlight the interesting parts in blockquotes and add my view and/or proof below.
1. His profile on http://www.hackingmobilephones.com/courses/about.php
a. Milestones in Ankit Fadia’s Life
AGE 14 Published his first book titled The Unofficial Guide to Ethical Hacking which became an instant bestseller worldwide, sold 500 000 copies and was translated into 11 languages.
My opinion: Have you read that book? Here are the reasons why the book sucks
- Most of the so-called hacks are in Windows (98). Show me one hacker/cracker who uses Windows. If you ain’t using Unix/Linux/Solaris you ain’t no hacker mate. Why? Coz Windows hasn’t got half the tools and features that one requires to do a successful system penetration. For a deeper understanding read a book in the Hacking Exposed series.
- Registry hacks and tweaks are passed off as hacking.
- At many places credit has not been given to the person who found the exploit. For that matter, most of the exploits were very very outdated by the time the book was published. Even in his Certified Hacking Courses by Reliance, he shows exploits which were patched several years ago and are therefore useless.
- Much of the exploit code given in his book has errors, some of them very obvious ones. :p
b. AGE 16 After the Sept. 11th attacks, cracked an encrypted email sent by the Al-Qaeda terrorist network for a classified intelligence agency.
- Again only Ankit Fadia says he has done that. No other source, including any intelligence agency, has corroborated the statement.
- Most intelligence agencies like NSA have expert cryptanalysts with PhDs and super fast clusters to get their job done. They won’t require a 16 year old. Cryptanalysis is a serious job. Just read Applied Cryptography by Bruce Schneier or Introduction to Cryptography by Tanenbaum to get an idea how challenging it is. It would be like putting the control of India’s Moon Mission in the hands of a monkey instead of ISRO’s Madhavan Nair.
c. AGE 21 Widely recognized as an Ethical Hacker, Computer Security Expert and Cyber Terrorism guru. Written 13 bestselling books, delivered more than 1000 seminars in 25 countries, received 45 awards, provide certification courses on Computer Security, is writing a script for a movie, runs his own consulting company and is a senior at Stanford University.
- Best selling books? By whose standards? I don’t find him anywhere in New York Times, Book Sense, USA Today, Publisher’s Today. A sales figure of 3 million as he proclaims is nearly a third of what Mein-Kampf or Catch 22 reached and his books did that in a fraction of the time. Sounds shaky, doesn’t it? Does to me.
- Most of his books have been published in India only. Other than The Unofficial Guide to Ethical Hacking, Network Security: A Hacker’s Perspective, Hacking Mobile Phones, Email Hacking and Windows Hacking, most of his books are hard to come by. Also Windows hacking is nothing but a compendium of Registry Hacks readily available from the Internet. Do read the comments on his books at amazon.com and you will get a clearer picture.
- Almost all the content in his book is copy-paste work from the Internet that would put even the laziest Computer Science student to shame.
- The best I can say about Mr. Fadia is that he is a very good salesman because time and again he has convinced his publisher to publish his books. That’s no mean feat considering the shit that he peddles as ‘hacking’.
- It’s been mentioned time and again that he runs his own consulting company but I have never come across the name of the said company.
2. Again, as per http://www.hackingmobilephones.com/courses/about.php his clientèle includes Google, Citibank, Shell, Volvo, Thai Airways, UOB Bank, PT Cisco Systems, Bank of Thailand, Bangkok Public Bank, Amari Hotels, BlueScope Steel, Jumeirah International, Wipro, Singapore Health Promotion Board, Infosys, Satyam, Schering Ltd.
My opinion: This list seems too good to be true. It exceeds the clientèle of various well-known security consulting firms. Again, none of the above mentioned organizations have corroborated Fadia’s claims.
3. Widely celebrated in international media publications, Fadia is also regularly invited by BBC Radio World News, London to share the latest updates on virus outbreaks, loopholes and cyber crime trends.
My finding: I searched the BBC site to find one reference to him being on the said show. Guess what I found? Nothing. Nadda. Zilch. So if anyone can give me the link to any of his interviews on BBC, I will agree. Until then, let it hang in balance.
4. For his outstanding contributions in the field of computer security globally, Fadia has been honored with numerous awards namely: Indo-American Society Young Achiever Award 2005, IT Leader Award 2005, Person of The Year 2002, Limca Book of Records, Hall of Fame Award, Outstanding Young Achiever’s Award, Silicon India Person of the Week, Embassy State Award, Best Speaker Award (4 occasions), Student of the Year 2002-03 and many more.
My findings on his awards:
- Microsoft Most Valuable Professional Award: A search on https://mvp.support.microsoft.com/communities/mvp.aspx?name=ankit+fadia yields nothing about Mr Ankit Fadia
- Indo-American Society Young Achievers Award: The award exists but nowhere is it mentioned that he received it ever.
- CNBC Young Turk: I have not been able to verify this. Though it is probable he did come on the show.
- Person of the Year India 2002, Limca book of records: Again a search on the site yields nothing about any Ankit Fadia.
- Gold Medal 2003 from Institute of Defense and Strategic Studies, Singapore: I could not find anything on it. So it’s neither proved nor disproved.
- Asian American Outstanding Achievement Award Nominee at Stanford University: Again he claims to be a nominee which cannot be proved unless I contact Stanford and ask them. Their site only maintains list of people who have won the award or a nominee for the current year. There is no list of nominees for previous years.
You are requested to kindly dig up about the other awards. I am bored now.
5. Fadia is also a consultant to many universities in India, Singapore, China and USA on the design and structure of their computer security courses.
My question: Will Mr Fadia be so kind as to provide references and/or links to universities for which he designs courses? You will find this thing occurring over and over. Fadia never provides links or references to many of his achievements. Isn’t that strange? I have gone through profiles of various researchers and they all provide links and references wherever possible.
6. According to Wendy McAuliffe at ZDNet UK, Fadia’s Hacking Truths website was judged “second best hacking site” by the FBI, though no ranked list of “hacking sites” has been published by the FBI.
7. In April 2000, Rediff.com published an interview with Ankit Fadia. Anti-India Crew (AIC), a Pakistani hacker group noted for defacing Indian Government websites, rubbished the claims that Fadia had made in the interview. Fadia had claimed that his alert to a U.S. spy agency had prevented an attack by Pakistani hackers. However, he never divulged the name of the agency, citing security reasons. AIC and another Pakistani hacker group WFD defaced an Indian Government site, epfindia.gov.in, and “dedicated” it to Fadia in mock deference to his capabilities to hack or prevent hacking. AIC also said that it would be defacing the website of the Central Board of Excise and Customs (CBEC), http://www.cbec.gov.in, within two days and challenged Fadia to prevent the attack by patching the vulnerable website. AIC maintained that Fadia should stop calling himself a hacker, if it succeeded in hacking the CBEC website. AIC kept its promise and defaced the CBEC website after two days. At another defaced website (bhelhyd.co.in), AIC termed the claims of Indian media about Ankit Fadia as “Bullshit”.
So why is he famous? There are various reasons. Firstly, the masses are computer illiterate. They see computer security as some sort of dark magic, whereas it is a systematic process, a science. Hence these people can be easily fooled by the FUD campaigns run by the likes of Ankit Fadia. They instill fear and show some nice tricks that fool everyone into a false sense of vulnerability. While I would not be so naive as to suggest that the Internet is very secure, many such ‘independent’ security experts make tall claims and demonstrate their attacks in a very controlled environment, on a weakened security setup that just asks for a break-in.
The other aspect that contributes to such fakes getting attention is obviously shoddy journalism. They print whatever might catch readers’ attention, and a child prodigy in computers does that like nothing else in this ‘idol crazy’ nation of ours. Most journalists are either too lazy or do not have the necessary competence to evaluate his credentials.
As to why Reliance does an Ankit Fadia Ethical Hacking Course, the answer is simple: it sells. And it seems the certificates given by Reliance are not recognized by the Certificate Authority of India. So basically it's more like a scam. Read this (http://lists.sarovar.org/pipermail/plus-discuss/2006-April/000288.html). I am not sure about the current status of the certificate.
And Ankit Fadia is neither the first nor the last of these fakes. Go to http://attrition.org/errata/charlatan.html for a larger list.
You may also read this email sent to the FSF mailing list: http://tutorial.web4all.in/archives/fsf-tn/2006-April/000293.html
And finally, what is ‘ethical hacking’? Hacking as I know it (and what people like Richard Stallman, Eric Raymond, Dennis Ritchie, Linus Torvalds and others would tell you) is about exploring and knowing in-depth about computers. It's also about making a computer do things that it wasn’t programmed to do, and it comes from in-depth knowledge about the system. Hacking is NOT cracking someone’s email password by installing a trojan (or some other lame way) or defacing websites and causing loss of any kind. Hacking is a passion to learn and explore. The ones who break into systems to cause harm are called crackers. Hackers like Richard Stallman don’t steal credit card details. Crackers do. So basically there is nothing unethical about hacking. Ethical hacking is a term coined by some sales people to sell basic network security and network administration courses, books and solutions to gullible customers. Once you term it ethical hacking, it attracts novice users wanting to crack their girlfriend’s email password, wannabe network administrators and some people seriously interested in computer security. While many of these courses are good, the usage of the word ‘ethical hacking’ is deplorable.
Demolishing Ankit Fadia v 0.01 by Sandip Dev is licensed under a Creative Commons Attribution-Share Alike 2.5 India License.
The author of this blog does not bear any responsibility for any comments made by visitors on this blog.
July 22, 2009 § 1 Comment
A file manager is a ubiquitous bit of software. In Windows you have the much outdated Windows Explorer, and in GNOME, Nautilus. I think file managers need a major shift. They have been doing the same thing for many years now: managing files. Managing files was good when all you had were text files and binaries and very little storage space. Now we have various forms of media (music, images, videos), including media that we watch, tag and bookmark on the Internet. And we have in excess of 300 GB of storage space. All that means that files are really easy to store anywhere, and it's even easier to forget their location.
So what would my ideal file manager be? Well, mentioned below are a few requirements:
1. Tagging of content (files). Many file managers already allow this. But it's more important to make sense of the tags. For that we will need to understand the semantics of the data in the files. And that means a semantic file system. Lots of projects are working toward this, viz. WinFS, GNOME Storage etc., and none have really succeeded. With a semantic file system, your OS will “understand” the contents of your data, like which of your pics contain which friends and how they are related to the contacts in your address book. That would also simplify search.
2. Do away with directories. Directories should only be there for the OS and programs to store the binaries. For the user, there should be no directories. I should be able to put a file anywhere in my home directory and I should have access to it based on the tags attached to it. These tags will also form ad-hoc and/or permanent directories.
3. I should be allowed to manage my online media (photos on Flickr or Picasa, videos on YouTube) as if they exist on my local hard drive. My online bookmarked content should appear in my local folder. Also I should be able to search online media right from my file manager. All of this is possible with many of the APIs provided by Yahoo, Google etc. Basically my online and offline content should be merged. I should be allowed to drag and drop media from my local drive to any of these sites.
4. I should be able to view my Orkut scraps, Facebook wall updates and Twitter content right inside my file manager and reply to them as well.
5. Online docs and files should be visible locally. Of course you will still require an internet connection to view the contents.
Basically, I think that the next generation file manager should be Web 2.0 enabled. I should be able to access web services without using a browser. However, the architecture should be modular so that newer plugins can be added for different types of media and services as and when they come up.
The opinions mentioned above are my own. You may not agree with them or you might have better ideas. In either case, you are welcome to share them here.