????? ???????? ???????
?????? ????? ????? ???? ????????
???? ????? ?? ????? ?? ????? ????????.
????? ???????? ????? ????? ???????? ? ?? ?? ??? ???? ????? ?? ????! ???? ?????? ??? ??????? ????????? ???????? ?????? ??? ???? ???????? ???? ??????? ??? ??? ??? ??????? ??????? ?? ???? ??????? ???????????.
6 ????? ??????? ??? ???? ????????
1. ?????? ????? ??????? ?????? ????????
??? ??? ?? ???? ????? ?????? ????? ??? ????? ????????.
???? ??? ??????? ??? ???? ??? ??? ????? ?? ???? ????? (?? ??? ????? ??? ???? ?????).???? ??????? ??? ???? ????? ??? ??? ???? ?????? ??? ????? ??????? ???? ??????? ???? ????? ??????? (???????) ???? ???? ?? ???????? ?? ?????? !
2. ??????????????
???? ???? ??? ?????????? ?? ???????. ??? ??????? ??? ?????? ???? ?? ???? ????? ?? ?????? ?????? ??????. ???? ?????? ?????????? ????? ???????? ?? CPL ???? ??? ????? ?? ????? ?????????? ??? ???????.
3. ????? ???????? ????????
?? ???? ????? ?????? ??? ???? ???????? ???????? ?? ????? ??????? ??? ????? ?? ????? ????? ????? ???? ??????.
??????? ????? ??? ????? ??????? ?? ??????? ??? ???? ???? 60 ?? / ???? (40 ??? / ????) ?? ???? ??? 1/100 ?? ???????.
?????? ??????? ???????? ?????? ???? RIG:
4. ??? ???????
?? ????? ?????? ?????? ???? ????? ?? ????? ?????? ?? ?????? ?? ??? ?????. ???? ??????? ???? ???? ????? ????????? ???? ??? ??????? ?????? ???? ??? ??? ???? ????? ????????.
5. ???????
???? ?? ?? ?????? ?????? ?? ??????? ????????. ???? ??????? ?? ??????? ??? ???? ???????? . ????? ??? ?????? ??????? ????? ???????? ?????? ?? ???????? ???? ???? ?? ???? ??????.
6. ????? ???????? ?? ?????
???? ????? ??? ?? ??? ???? ??????? ?????? ??? ?????.
????? ?? ?????? ??? ???? ????? ???? ???????? ??? ???? ????? ??????. ???? ISO ??? 100? ????? ?????? ??? 30 ?????? ??????? ??? f / 9.
?????? ??? ???? ??? ??????? ?? ???? ???? ??? ?????? ???? ???? 30 ?????.
????? ???? ???????? ???????? ???? ????? ??????? ???? ?? ??? ????? ????? ??????? ??? ??????????
Online Security Crash Course - Part 1
I am not a security expert nor a hacker, but I've had my share of attacks since 1996.
This post is surprisingly not about computer viruses or trojan horses, its rather about the internet & web application security which will help you understand the new/old trends hackers use to gain control or access to private personal information & how to secure yourself against them.
It's worth to note thatI wont be getting technical, this post is meant for the general internet users.
I'll split this post into two parts:
Part One
- XSS & CSRF ( aka the twin evils )
Part Two
- Wordpress Security & SQL Injection
- Your router & the cafe's
XSS ( Cross Site Scripting )
Cross-site scripting (XSS) attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user.
XSS Demonstrated
How does it look like?
www.examplesite.com/index.php?name=<script>window.onload = function() {var link=document.getElementsByTagName("a");link[0].href="http://not-real-examplesite.com/";}</script>
What harm does it do?
Depending on the payload & the exploitable site, WIth XSS an attacker can:
- Steal your cookie & impersonate you
- Friend an unknown friend
- Like a page
- Follow a stranger on twitter
- Show a fake login page
- Basically, perform any action
[box type="info"]Did you know that XSS is as old as the browser?[/box]
Real life story:
Samy is my Hero, In 2005 Samy Kamkar released the Samy worm, Execution of the payload resulted in a "friend request" automatically being made to the author of the virus and in messages containing the payload being left on the profiles of the friends of the victim.
Protection & Prevention:
- Unfortunately, XSS is a website/code/server side attack, luckily modern browsers has basic protection against XSS attacks.
- Also have a look at noScript
Read more about XSS http://www.veracode.com/security/xss
CSRF (Cross-Site Request Forgery)
CSRF is an attack which forces an end user to execute unwanted actions on a web application in which he/she is currently authenticated. With a little help of social engineering (like sending a link via email/chat), an attacker may force the users of a web application to execute actions of the attacker's choosing.
An attack could be embedded as an iFrame, a form or an image source (hidden) on popular sites.
[box type="note"]I'd describe it as a silent XSS, its a 100% genuine request coming from the victim's browser, no antivirus, web protection software or browser's filters that could detect this attack. [/box]
How does it look like?
<img src="https://bank.example.com/withdraw?account=myAccount&amount=1000000&for=EvilAccount">
Note: You won't be able to spot the code above in an attack as this lies in the coding part ( view HTML source )
What harm does it do?
- Query A Bank Account Transfer
- Add an email forwarder
- Place an online order
- Limitless activities
Real life story:
in 2007, Google suffered from a CSRF attack where the attacker could add a filter to forward emails to a specific/another email address (email forward), forwarding all emails that has attachments as an example.
[box type="alert"]When was the last time you checked email forwarders?[/box]
Protection:
You are on your own in this! As explained earlier CSRF attacks are way too legit for the web browser's filters to spot & stop this type of attacks, the site owner/developer should use a technique called (tokens) to stop this attack, there are of course several ways on doing so from the server side.
[box type="tick"]If you are done with your logged-in bank account session, just log out, the same goes to other sites & steer away from saving passwords [/box]
[box type="tick"]Try using two different browsers or (VM), one for sensitive web applications such as banks, email, social networks & one for general browsing.[/box]
Also try not clicking on links from untrusted resources & untrusted websites.
Read more about CSRF http://www.veracode.com/security/csrf
It's worth mentioning XHR (XMLHttpRequest) attacks, which leverage a surface for the attackers to inject various activities to the servers, carried from SQL injections to XSS, many known websites such as the BBC, Yahoo, PollDady, MySpace & more have suffered & still suffering form this silent (sorta) attack.
[box type="alert"]What I have discussed is a little bit scary, silent attacks are not noticeable its not like someone have changed your email password or hacked your twitter account, the hackers gets the feed of your entire life without you knowing so.[/box]
Bonus content: ClickJacking
Tune up for Part 2!
Resources:
- http://en.wikipedia.org/
- https:\/\/zainals.com//zainals.com\/\/zainals.com//zainals.com//www.owasp.org
- http://www.veracode.com/
Galaxy Note 10.1 VS the new iPad [iPad 3]
Are you thinking of getting a new tablet & you are stuck between the two devices?
I personally haven't bought any tablet since the first iPad, Simply because I have been watching the tablets evolve for the past 3-4 years & non of them were able to get me convinced to replace the first iPad.
But this is different, I am referring to the new Samsung Galaxy Note 10.1, this is the door to the future, an advanced tablet with real Multi-Tasking power. ( watch the video above & you'll know what I am talking about)
Below is a comparison table between ( Samsung Galaxy Note10.1 V.S the new iPad [iPad3]):
[avia_table]
Galaxy Note 10.1 | new iPad | |
Display | 10.1"WXGA | 9.7" Retina |
Processor | 1.4GHz Quad-Core | 1GHz Dual-Core (A5X) |
Memory | 2GB RAM | 1GB RAM |
microSD Support | Yes | No |
Front Camera | 1.9MP (720p HD Recording) | VGA |
Back Camera | 5MP w/LED Flash 720p HD Recording | 5MP AF 1080 Full HD Recording |
Additional Features | TouchWiz, Hubs, AllShare Cast, WiFi Ch. Bonding, Dropbox, Smart Stay | Voice Dictation /iMovie/ iPhoto |
Digital Pen Writing | S Pen Embedded Adobe Photoshop Touch | [table_icon minus] |
Multi Screen | Yes | No |
[/avia_table]
[quote style="boxed" ]I'd give credit to the new iPad for its 1080 Full HD recording & the Retina display but the rest would go for the favour of Samsung Galaxy note 10.1[/quote]
VIVA Got a new look!
[dropcap]W[/dropcap]e have spent a fair time researching, gathering requirements, design translation & dwelling into usability best practices for this project, I am now proud to announce that we have launched our new revamped website @ viva.com.bh - I have highlighted below some of the new features that have been introduced with this release.
This is not the end , we have introduced way more features on our new website, go have a look yourself @ viva.com.bh & remember this is just the beginning ;)
????? ?????? - ????? ????? ????????? ????? ??? ??? ??????? ???? ??????? ???????
????? ????? ????????? ????? ??? ??? ??????? ???? ??????? ???????
???? ????? ??????? ????? ?? ???? ????.. ??? ??????? ???????? ??????? ..??? ??????? ??????? ?????? ? ?? ??? ????? ?? ??? ????? ??????? ?????? ???????? ????????? .. ??? ??? ?? ??? ???? ????? ?? ???? 2011?.. ?? ??? ?????? ?? ???????!!!
???? ?????? ??????? ?????? ????? ?? ?????.. ?????? ????? ??????? ?????? ?????? ??? ??? ???? ?????? ????? ????? ??????? ?????? ?? ??????? ??????? ???? ??????? ?????????.. ???? ????? ?????? ?????? ??????? ????? ????? ????? ??????? ??? ?????? ????? ????? ????? ?????? ???? ???? ?????? ??????? ?? ?????? ?????? ??? ???? ???? ????? ???? ?? ??? ?????..
??? ??? ??? ????? ??????? ???? ?????.. ?????? ?? ?? ?????? ????.. ???? ?? ????? ?????? ????? ? ???? ?????? ?? ????? ??? ???? ???? ?? ??????.. ???? ?? ?????? ???? ???? ??? ????????.. ???? ???? ??? ?? ???? ????????? ?? ?????? ????? ?? ????? ?????? ???????? ??? ????? ??????? ???? ??? ?????? ??? ????.. ???? ???? ???? ?????? ?????? ??? ????? ??????..
????? ???? ???? ???? ???? ?? ?????? ???? ?? ?????? ??? ????.. ?????? ?????? ?????? ???? ????? ??????? ???????.. ??? ???? ?????? ??????? ????? ?? ?????? ??????? ??? ??????.. ??????? ????? ?????? ???? ???? ?????? ????? ??? ???? ??????? ?????? ???????? ??? ????? ???????? ??? ??????.. ?????? ?????? ???????? ??????? ??? ?? ???? ??? ????? ??????? ???.
??????? ????? ????? ??????? ?????? ????? ???????? ?????? ????????? ???????? ?????????? ??? ??? ?????.
???? ????
???? ????? ?????????
hardees hotline hungerline number
Why would anyone be looking for Hardees hotline Hunger-line telephone/contact number?
Well! You must be hungry and looking for the Damn hardees hotline number in Bahrain and reached here ha?
well here it is
Telephone #: 17711112
[box type="tick" style="rounded"]The contact number is correct, so scroll down a little & say Thank you Moe[/box]
bon appetit
Video: Weam Zabar - Founder of Namaste-Bahrain
Namaste is a new upscale destination in Budaiya offering holistic wellbeing experience. They offer a feng-shiu style center with a yoga studio, reiki treatment room, meditation room and a small retail shop in a serene and beautiful setting.
http://www.namastebh.com/
VIVA Racing team - Video
I joined VIVA Racing team @ the BIC to capture few moments from Round 2/Race 2 of the WGA Chevrolet supercars championship, the video splits into 3 parts: preparation, qualifying & the 2x races.
Special thanks to:
- VIVA Racing team & crew
- Tariq Zainal for the great photos
Shot with Canon 600D
Canon 50MM 1.4
Canon 18 - 135 3.5
shot @ 24 & 60fps
ISO 100 - 800
Shutter speed 50, 125 & 200
Old Bahraini Passport
I have found these old Bahraini Passports with my uncle, they belong to my grandfather who passed away long time back, notice the name of the country " Government of Bahrain and Dependencies?"
VIVA Bahrain Sponsors WGA Supercars Championships Racing Team
VIVA Bahrain is proud to announce its sponsorship of the VIVA Racing Team competing in the Western Gulf Advisory (WGA) Supercars Championship Middle East as part of this weekend?s National Racing Festival. The team consists of Bahraini 22-year-old, Raed Raffii and 38-year-old Australian Tarek Elgammal, who will be competing in the opening race of the series. In its fifth year, the WGA Supercars series is one of the most competitive and sought-after racing categories in the Gulf.
The team are now participating in the qualifying heats taking place on November 18th and then the first round of the race on November 19th.? Raffii, who is also a Roaming and Interconnection Analyst at VIVA, has competed in the last two seasons of the WGA championship, winning 10 races and making the podium at 12 others.
With 10 years of racing experience behind him, he has won several endurance karting races all over the Middle East.
Elgammal on the other hand is a Supercar racing veteran who also doubles as a freelance senior instructor at the Dubai Autodrome and Yas Marina Circuit in Abu Dhabi. He has competed for several years around the Middle East and as far afield as France, last securing 2nd place overall at the Chevrolet Supercars Middle East Championship 2010 in Dubai.
?We are very proud to be part of such an important national championship event,? commented Ulaiyan Al Wetaid, VIVA acting CEO. ?The Bahrain International Circuit is the proven leader of motorsport events in the region, and this National Racing Festival is sure to be an exciting time for all. We wish the team?s best of luck and look forward to a good show.?
The 2011/2012 campaign in the WGA Supercars will feature a total of six rounds, with two races per meeting. The calendar will run all the way until April of next year, when the championship finale will be held as part of the official support program of the Formula One Gulf Air Bahrain Grand Prix.