Google Chrome Update Errors

Two weeks ago I've had a problem updating my Chrome. The error message I got when viewing the "about" window was "Update server not available (error: 3)":

The problem is caused by improper registration of Google Updater as a COM component in the registry (don't ask me how or why it happens, but it already happened to me two times in the last two weeks).

After searching the net a bit, I've seen some people who complained about the same error, but it took me some time to find a real solution:

Go to your Google Updater directory (in Windows 7 it's %userprofile%\Local\Google\Update) and run 'GoogleUpdate.exe /regserver' (make sure you elevated your privileges to Administrator before that) and voila! No more errors! (You don't even need to restart your Chrome).

On a side note: I'm really busy these days, with the University and all, but I got at least one cool project I'm going to release soon (just need to polish some corners here and there). So beware :)

Creating HTML Signatures in Gmail with Google Chrome

In the last couple of months I've been a heavy user of Google Chrome. I got really addicted to its amazing speed, comparing to IE and Firefox.

Yes, Google Chrome is still under development - there's no fancy interface to extensions yet, Greasemonkey needs a command line switch to be activated and so on. But the speed just makes it worth.

Anyhow, in my Firefox days I used the Black Canvas extension to add HTML signatures to my outgoing Gmail messages. Nothing too fancy -- just a grey text and a link to my blog.

Google Chrome, however, doesn't support such extensions, so I searched for an alternative and found this tool.

This little application creates an inline Javascript that should be dragged to your bookmarks bar, and with a click of a mouse it adds the signature you created into the message. Sounds good, nay?

Well, besides that this generated scripts downloads an external script (http://code.jquery.com/jquery-latest.pack.js) which only god knows what's there, another problem popped up.

When I first used this tool I clicked on the link and nothing happend. No Javascript errors. Nothing. Then I remembered that I'm using the Gmail's lab tasks feature. Closing that window made the script work.

Why not create a smaller, working version, I thought. And I did. There it goes:

javascript:void ((function(){document.getElementById("canvas_frame").contentDocument.getElementsByTagName("iframe")[0].contentDocument.body.innerHTML += "your HTML signature";})())

Where your HTML signature can be a hand-made HTML/CSS code or an auto generated by a WYSIWYG editor like in the tool's page.

So all you need to do is create a new bookmark to this Javascript, and click on it whenever you'd like to add your signature to the mail you're currently sending.

Yeah, it's a hack, so use it on your own risk, blah blah blah.

Job Proposals Everywhere

While working I was checking some HTTP headers of random sites, and I stumbled upon these headers:

Server: nginx
Date: Mon, 22 Sep 2008 11:17:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Vary: Cookie
X-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
X-Pingback: http://developerinsight.wordpress.com/xmlrpc.php
Content-Encoding: gzip
Vary: Accept-Encoding

So who wants a job? :)

New Facebook Worm?

I got this mail from Facebook today, notifying about a new private message:

---

*** sent you a message.

Subject: Hi my friend.

"This is you on hidden cam. lol:
http://myvideo.d9.pl/"

---

The site is currently giving a page in polish, but no malware or exploit whatsoever. It probably went down.

The message did not appear in my Facebook's private messages list nor in the notifications, which means that Facebook somehow deleted it from their database.

Beware.

Ynet are Ignorants

Quoted from this URL:

What the hell is colliding there?

Credit goes to Segal.

MySpace HiDef MP3 Download

I've got some bands I like that publish their music through MySpace, but I was quite frustrated to find out that the streaming music quality that is provided by the site is pretty low.

Then Ami showed me this site, that allows you to download the original mp3 files that the user uploaded to MySpace!.

Just click on audio, and put the URL of the user in the textbox.

I haven't tried to find out what's going on there, but I guess that the links are found in the original MySpace user page, or that someone reverse engineered MySpace's media player and revealed the URL of the original mp3's. Anyhow it's quite a shame for MySpace to put the original uploaded mp3's under their webroot, but I don't care much :)

iPhone Accessories and Cargo Tracking

After purchasing my iPhone and before unlocking it, I used to hang out with three different devices: iPhone (for accessing wifi networks and just being cool), cellphone and an iPod.

The main target was to drop down to only one piece of equipment - the iPhone, so first I needed to get my iPod out of the picture.

As you may know, the iPhone usually comes with 8GB of flash memory (a 16GB model have been released last week), so it also acts as an iPod. The thing that prevented me to use it as one was the earbuds that come with it. I don't like earphones, because I got used to in-ear phones after using 2 different models (Apple in-ear phones and a Pioneer model I bought after my Apple one's got damaged by my stupidity and water). Moreover, I didn't like the sound qualify of the earphones that came with the iPhone because they have a weak mid, and more important, bass response.

My Pioneer phones that are used with the iPod cannot be connected to the iPhone because the mini-PL connector now includes a microphone (it's longer than 9mm), so I decided to search for a mid-high end in-ear phones for my new-precious iPhone.

After digging a bit I've found this V-Moda Vibe Duo in-ear phones, and decided to order them. Needless to say, I've already purchased some stuff over the net, and by paying only 5$ to regular UPS shipping I thought I'll get the package in 2-3 weeks, in which I'll be left in the dark and just sit there waiting for the package to arrive (not really).

Two hours after making the deal, I got a mail from v-moda, providing a link to a tracking page that gives information about my package.

Immediately, the following psuedo-algorithm went into action:

• Wait 5 minutes.
• Refresh the page.
• If a new details about the package has been added: go to your flatmates and update them beatifically about the progess, otherwise: complain like an old grandma about the lack of information.
• Repeat the process until someone from UPS calls and tells you that your package is at the door.

The funny thing is that the whole situation is explained perfectly in this xkcd strip, and that I laughed at Segal while he anticipated a package a month ago while doing exactly the same :)

So the packaged arrived in 3 days (!!!), after passing through Germany and Turkey and I got very happy.

A nice look at the irrational ratio between the headphones and the package itself:

P.S. 1 - for the interested readers (if you got this far) who are interested in details, here it how it looks like:

P.S. 2 - Props to Geohot for unlocking the 1.1.2/1.1.3 OTB iPhones, which allowed me to get rid of my Nokia 6230i too.

Does XKCD Involves Conspiracy?

First of all, for those of you who are not familiar with XKCD - check it out.

It's a preety famous geek web comic, that got headlines in the past week because it changed a google search string results from two to a few thousands (Slashdot story here).

Anyhow, in the couple of months we're living in the apartment here in Jerusalem, we've noticed this webcomic is getting closer and closer to our reality here (and leave the Guitar Hero strips alone! :)).

So there are two options:

1. Someone is spying on us.
2. Our life is duplicated somewhere else in the other end of the planet.

Hmm...

Challenge Sites

The internet is full of challenge sites - those where you need to solve a riddle and reach higher rank or level, and maybe even win a prize :)

Most of these sites are dealing with computer challenges, or if to be more specific - security challenges.

Once upon a time, when I had time to spend, I got addicted to such sites, and solved or partially solved most of the famous ones.

Why I got addicted? Not recently I found out that when I encounter a problem that I can't solve it really bugs my mind, even when I leave it and go to do something else. But I like that feeling. Doing a research to solve problems is one of the things I enjoy the most, not to mention the "high" produced by solving one, which is so addictive, that I must get more of it :)

Considering the educational value, I think these sites allow you to learn random material in the best way: solving real world problems. I've always had a problem with learning stuff just to "know it when I'll need it". So this is a good and healthy way to learn and explore new stuff.

So what makes a good challenge site?

First, the site should include some kind of competition - whether it's based on site-wide ranks or levels that the user advances in.
Second, the riddles should be as clear as possible - I just can't count the number of times I tried solving something without perfectly knowing what I need to achieve. This can be really frustrating to know retroactively that the solution to the riddle you tried to solve for a couple of months is so easy, but you just didn't get the point.
And third, to allow users to work on different problems simultaneously. This really helps when you're stuck on one riddle, but then you have 3-4 more to work on. Usually fresh ideas pop up after taking a break and doing something else.

Now, because few people asked me to give then a list of challenge sites - here's a list with a short explanation of each one:

NotPron - Riddle site that is based on images. To reach the next level you need to figure out the username / password or the name of the next page.

NgSec quiz - Basic security challenge - pretty easy for the experienced ones.

TryThis0ne - Israeli security challenges. Some of them are nice, some of them are pointless.

PullThePlug wargames - Includes three different games: Vortex (exploits under linux), Semtex (network challenges) and BlackSun (advanced exploitation techniques). I've worked on Semtex for some time (reached level 11) and it taught me some things about programming network code under linux with C, raw sockets and more.

Electrica the puzzle challenge - Possibly the best and hardest puzzle challenge I've ever played. Includes math, encryption, programming, reverse engineering and more puzzles. Recommended! :)

Slyfx - Nice and pretty easy security challenge, dealing mostly with web security.

PythonChallenge - Based on the concept of notpron, pythonchallenge is by far the best way I can think of learning Python - solving riddles designed to be solved by this scripting language. Of course you can solve this levels with any programming language, but it will be much more complicated (because about half of the levels includes image processing, which goes easy with Python's PIL module). The cool thing about python challenge is that after you solve a level, you can enter a solution page that shows different python codes used to solve it.

Rankk - A challenge site that started a few months ago, also dealing with security and programming.

Mod-X - Security challenges - some of them are quite hard (level 6-8 mostly).

+Ma's Reversing - Very difficult site (not so clear though), including some really strange problems that you need to analyze for hours.

HackerGames - A portal including links to alot of challenges sites - some of them are total crap (after playing some challenges you see the same levels over and over again).

Also, two RIP sites that worth mentioning:

Try2hack - The first challenge site I've ever played, and probably one of the first sites in the world.

Arcanum - Awesome site, including logic, programming, encryption and misc. challenge for every level (7 in total). Too bad the site is dead.

Now it's your turn - if YOU have a list of good challenge sites to offer please post them as a talkback.

Happy solving!