Skip to main content

Posts

Story of a Drupal theme mis-configuration, Hacking and Ministry of Defense India

If you have been following news or were online for past couple of hours you might have noticed this news making a tweet-storm and appearing all over your timeline regarding how India's Ministry of Defense website got hacked (allegedly by 'Chinese' origin).
Almost all the big media outlets covered it. Including
* Youtube : TimesNow * Times Now * Hindustan Times * NDTV
* Business Standard * Times of India An example of the coverage

Fueled by our own famous ministers chiming in with their own ideas

Action is initiated after the hacking of MoD website ( https://t.co/7aEc779N2b ). The website shall be restored shortly. Needless to say, every possible step required to prevent any such eventuality in the future will be taken. @DefenceMinIndia@PIB_India@PIBHindi — Nirmala Sitharaman (@nsitharaman) April 6, 2018
It all seemed for the fact that the homepage of the websites showed this image with a Chinese character
And though most of india's government portals and websites aren'…
Recent posts

April Fool and Google Compilation: 2018 Version

Every year different teams withing Google spend considerable amount of effort - both time and money to make to come up with awesome nerdy April fool joke/products. I have started following the trend since last two years and they never seem to disappoint. What I have been able to find this year are:
Where is Waldo - Google Maps TeamOften Google Maps team comes up with quest/games or real worl overlays that you can interact and play in Maps. In past we have seen pac man appear in map and this year it is Waldo. Once you open your Google Map in android or iPhone Waldo will be waving his hands at you and clicking him will take you on a quest to find Waldo in different maps location. You can play and level up. I gave up after level 3 realizing my eyes aren't that great at finding Waldo. The most interesting part of the quest seems to me that you gain badges with more quest you do and the better you are able to find it. Way to go in gamifying a April fool's joke. More information on…

HackRice 7.5: How "uFilter" was born

I have a thing for Hackathon. I am a procrastinator. A lazy and procrastinator graduate student, not a nice combination to have. But still when I see hundreds of sharp minds in a room scrabbling over idea, hungry to build and prototype their idea. Bring it to life, it finally pushes me to activity, makes me productive.  That is why I love Hackathon, that is why I love HackRice, our resident Hackathon of Rice University.

TL;DR: if you just want to try the extension, chrome version is here and Firefox version is here.
I have been participating at HackRice since 2014, when I think for the first time it was open for non-rice students, and have been participating ever since. What a roller coaster ride it has been, but that is a story for another day. HackRice 7.5 being the last one I will be able to attend at Rice, it was somewhat special and emotional for me.
HackRice 7.5 was a tad different form the other iterations. For starters it was the first time it was being held in Spring semester…

macOS High Sierra App Preference Unlock Bug : Be high to unlock that padlock with any password

It has been a very interesting year for macOS. If we keep security in mind. Afterwe all were enjoying the "elevated" privileges[1], combined with the 'root'less effort[2], taken to a new high[3] by apple.  And not forgetting the local notification bug [4].

We really thought it was all over. But then again....how about unlocking your App Preferences panel on your high sierra without any password at all?

Steps to reproduce:
Open System PreferencesOpen App StoreCheck if your padlock is locked. Else lock itTry to unlock it and click on "Use Password" optionPut any password you want in it and it will unlockHow cool is that -_-
If you don't have access to a machine, here is a nice cool video I just recorded showing it in action


Not sure if it will actually be called a security bug. But there is a bug report atleast now with this video if they take notice.


MobileDay Mexico and Mixed Reality

I was invited for a talk at Mobile Day, Mexico last week on 31st October. Mobile Day is a day of conferences aimed at the development of business mobile applications. It consists of a series of lectures, workshops, and a showcase. Mobile Day 2017 was focused on Cross-platform mobile development, especially Progressive Web Applications, Cognitive services (chatbots, recognition of language and images), Virtual and augmented reality and User experience design for mobile applications. I was speaking about Web Mixed Reality at the session. Though initially my session was focused on WebVR and AR, "Virtual Reality for Humans: Build your world using WebVR and aframe" judging from the reaction of the audience and what interaction I had with them, I tweaked it to include the full spectrum of Mixed Reality.
The event was held at "Sal√≥n Los Candiles Polanco" which essentially was housed a Hospital as well. The venue was a spacious one and my only complain with the venue would b…

Hackrice 2017 and HarveyTrack : How social media can help in disaster management

Each year Rice University holds an annual Hackathon for everyone to participate and code away their weekend. All the students who participate trade away their sleep for a weekend to build something cool in 36 hours and showcase it. That's how hackathons are and that's the thrill of it.
And I love that thrill. I love taking part in Hackathons. It's a way for me to work on my ideas, hobby projects which I always wanted but never could, because of the classic time crunch of being a graduate student at Rice. Classes, Research and Valhalla take away most of your time and you hardly get enough time to work on your side projects.

My affair with HackRice goes back to 2014 when I first participated in HackRice from Dallas and won the Mastery Of Computer Science award by the department of computer science. That kickstarted a snowball effect which is responsible for much of what I am today. But that story is for another day and demands another blog post all by itself.
This year HackRice…

Open Source Bridge 2017 :Democratize Virtual Reality

It's almost no secret that I love Open Source Bridge. There are plenty of super awesome developer conferences out there. A lot of which I never visited. But even among the ones I was fortunate enough to visit, Open Source Bridge is very special.
This all-volunteer run conference has a special place in my heart and this time it was my third time visiting it. The first two times were pretty interesting for me too. The very first time I visited Open Source Bridge was in 2015, to talk about my first contribution to Firefox OS Keyboard. It was my first talk at a conference in the United States, and at a developer conference. Needless to say, I was pretty tensed and excited as well. I still remember that talk, and also OSB made a video of the talk so that I would not forget -_-
In 2016, I was invited to present a talk regarding some IoT work which at that time was still important to Mozilla. OSB stopped recording videos from that year, but this resulted in an opensource.com article which …