phone – Paul's Tech Talk

Some program Vulnebilities Detected!!

PaulNovember 25, 2008

Just got done looking at some of my security sites and according to SecuriTeam there are are several programs that have vulnerabilities. here are the Ones that I’ve found:

Google chrome is vulnerable to URI Obfuscation vulnerability.
An attacker can easily perform malicious redirection by manipulating the browser functionality. The link can not be traversed properly in status address bar.This could facilitate the impersonation of legitimate web sites in order to steal sensitive information from unsuspecting users. The URI specified with @ character with or without NULL character causes the vulnerability.

[ad#ad2-right]iPhone Configuration Web Utility for Windows Directory Traversal
iPhone Configuration Web Utility lets “you easily create, sign and distribute configuration profiles using a web browser”. A vulnerability in iPhone Configuration Web Utility allows remote attackers to access files that reside outside the bounding root directory of the program’s files folder.

Streamripper Multiple Buffer Overflows
Streamripper “records Shoutcast and Live365 MP3 streams to a hard disk, creating separate files for each track. Runs under Unix and Windows.” Secunia Research has discovered some vulnerabilities in Streamripper, which can be exploited by malicious people to compromise a user’s system.

Amaya URL Bar Stack Overflow Vulnerability
A vulnerability in Amaya browser allows remote attackers to cause it to overflow an internal buffer which in turn can be leveraged to execute arbitrary code.

These are the ones that I found and wanted to let you know about these so you can make your system even more secure. if I find any others I’ll let you know!!!

Get your Cricket Broadband to Activate Manually!

PaulNovember 19, 2008

[ad#cricket-1]I recently bought a Cricket Broadband USB for 40$ a month. I tried to get the system to activate it automatically but that kept on failing. Finally called the tech support and found out this little tip. So here is how you manually activate it:

Once your are to the Quicklink Mobile Menu you will want to hit Control-D:

It will bring up this:

The Password to get into manually activate your Broadband USB card is six zeros no more no less!!

Once your enter the password your will get this screen:

[ad#cricket-1-1]Activation Code : Same from above Six Zero’s

Phone Number : The Phone number that is your broadband card

The IMSI (Min) Code : You will find that in the Indirect Dealer Copy. It will be the one telling you another number. In mine it said this:

“In order to program your phone, you will also need the following number (###)###-#### (MIN)”

Enter that number in there without any special characters it would be ########## and then press enter. Close out the Quicklink Mobile menu and reload it. Then click Connect and you should be ready to go!!!

Looks like a scam to me : Personal Shopping Assistant!

PaulNovember 14, 20087 Replies

[ad#ad2-left]

Good afternoon!

We found your resume at _________________ and we would like to propose you a
position of Personal Shopping Assistant.

Imagine having an exciting job with incredible salary (up to $100,000/year) that
lets you use your creativity while being paid to shop. Welcome to the world of
personal shopping!

As we know shopping is the world’s favorite leisure activity, but in our busy
society an increasing number of people need to hire someone to do their
shopping. Thus personal shoppers are more in demand than ever before.

There are absolutely NO START-UP FEES and NO FEES for being employed at this
position. As long as you live in the USA, and you have a credit card or any
other line of credit, have 1 or 2 free hours during the day – you are eligible
for this job!

[ad#ad2-right]This is what you will have to do in short:
• Purchase the requested goods using your credit card.
• Send us receipts.
• Wait for us to issue a credit to your credit card in the amount of purchase
plus shipping fee plus your commission which comprises 10%.
• Ship out the goods.
• You are finished, come back for a new list of goods.

If you are interested in Personal Shopping Assistant position please fill in the
form below and send it to: Open2usa.job.dep@gmail.com
Our manager will contact you within two working days.

————————————————FORM————————————-
Full name ______________________
Residence country _____________________
Age _____________________
Contact phone ______________________
Availability time _______________________
————————————————FORM————————————-

This letter confirms your resume has been duly processed and your skills
completely meet our requirements for Personal Shopping Assistant Vacancy.

Thank You,
John Walker

[ad#ad2-left-1]I wanted to bring this up because of two things that I saw first off that made this look like a scam. One is they want to “CREDIT” your credit card and two they use a GMAIL account. I am going to say this is looking more and more like a scam. If anyone else has any other ideas about this just leave your comment. I don’t see how this can be real. I am thinking once they have your credit card information, they’ll start using it.