Surfing the net at Macdonald

I had been trying to do some work at Macdonald recently using the Singtel Wireless@SG Plus and found myself in a new environment compared to few years back.

No, it's not some kids surfing porno in Macdonald but more people are using Macdonald as study location or office. The mess they left behind includes messy eraser residue, chili spread inside coca cola cups and etc.

One look across the whole Macdonald, you can see laptops all over the places making use of the free wireless access and surfing nice sites and probably using it for work or home works. The people are staying in Macdonald much longer then usual, taking up the space for dining and eating. It's odd but I do have a feeling that Mac might remove the wireless services pretty soon as the space for dining are not really effectively utilized. The reasons why the chairs are made out of hard plastic and not soft cushions is not because they are cheap...but because they don't want customers to sit there for too long taking up space for other customers.

I too stayed in Macdonald for about 2-3 hours waiting for my movie to start in the theater and use the time surfing the net and do some catch up in my emails and of course do some work if possible. The only problem is lacking of power sockets for every table for the laptops to last more then the battery life.

Yes, Macbook does have long lifespan but my point is what is the new business opportunity in solving this very problem? This can be a new venue for laptop users to go to with power sockets that charges people by the minute or a cool outdoor surfing hang out locations that have a shelter and nice environment....for study or work. Maybe solving the battery lifespan is the new opportunity? Who have more power to laptops? Renewable Energy?

New Movie "Cloverfield" Trailer!!

This trailer seems to be a amateurish hand held video clip but end up a ultimate trailer for the next coming movie!!! January 18 2008!!! It's one movie I am going to catch! :)

Doing some research on this movie and seems like the mystery surrounding this movie is pretty effective viral marketing technique. First I found the website containing some photos of the movie with no indication of what the movie is about, then I found apple trailer on this movie with name 01.18.08 written as the movie title strangely able to find this trailer using the name "Cloverfield" at google. So the name Cloverfield did represent the movie somewhat...but according to wikipedia, it's just a code name for the sci fiction movie by J. J. Abrams.
The website contain some mystery as well, using the mouse to move the photos around seems to accidentally "flip" the photos over and some writings are found behind 2 photos. The writings may give some clues to what exactly this movie is about but it may also mean nothing.

Anyone that have any idea what this mysterious movie is about do let me's been described as "Godzilla meet Blair Witch Project" video style. The effects seems to be spectacular to me. So, the next coming movie of 2008 to be in my MUST WATCH list!!

UFO in Hati!!??

Even though I had seen REAL UFO in Singapore before many years back (3 times), I had never seen a Video that capture such clear details of "ufo" before. I don't think I can verify's just too "real" to be true...unless there are real additional footages add on before and after the sightings and real multiple witnesses to stand forward with valid testimonies on these to make it real. Even my own... have my sister to verify only one of my sightings.

This video shot looks amateurish that adds to the authenticity of the video but the UFO simply too details and video capture right at the right timing makes this hard to believe footage. If this is real, the witness will be the luckiest person alive to capture these UFO on video!

Black Hat: Security researchers exercise AJAX attacks

According to Computerworld Singapore:

The presence of AJAX code in Web applications continues to grow at a rapid pace, but many of the programs built using the language remain extremely vulnerable to various forms of attack, according to researchers with applications testing specialists SPI Dynamics.

Presenting at the Black Hat 2007 security conference in Las Vegas, Billy Hoffman, lead researcher in SPI's Labs group, and Bryan Sullivan, one of the Atlanta-based company's senior research engineers, detailed a number of methods through which they said many common AJAX applications can be targeted by malicious hackers.

Hoffman, who presented on potential AJAX security concerns at last year's Black Hat show to illustrate some of the attack vectors that can be introduced via use of the language, said that this year's presentation was aimed at proving just how easy it is to manipulate live applications built with the development tools.

Identified as a so-called Web 2.0 programming language, which melds Asynchronous JavaScript and XML to boost the interactivity of Web sites, AJAX has become widely employed among many different types of sites -- including online applications made by major companies such as Google and Yahoo -- but many developers working with the language remain unaware of its security implications, the researchers said.

To illustrate just how AJAX applications can be victimized, the researchers built a fictional travel site called utilizing programming tips offered by popular developer resources, both Web sites and printed manuals, which they used to demonstrate their attacks to the Black Hat audience.

Following the advice offered by mainstream AJAX resources, the SPI experts maintain that the fictional site and its many functions, including its airline flight reservation and payment processing systems, could be compromised easily.

..........Respected security researcher Robert Hansen, better known by his screen name "RSnake," said that blaming AJAX for the issues doesn't make much sense, despite the viability of the attacks that the SPI experts demonstrated.

"There isn't any vulnerability in AJAX that's to blame. These are attacks that could be successfully carried out on almost any type of Web application," Hansen said. "AJAX has certainly had the effect of making it harder for testers to assess the security of applications, but AJAX doesn't really change anything in terms of the degree of vulnerability; it's just another avenue that's being made available to attackers."

See more at Computerworld Singapore

There are many reasons why AJAX can be vulnerable as mentioned in the article but does the benefit of a Asynchronous loading with more user friendly interfaces override the danger? Yes and No.

If your site is a web application that deals with money such as an auction site, shopping cart, payment gateway or similar business related sites then it's best to avoid AJAX web programming methods as hackers have more reasons to attack such sites.

The current batch of vulnerable web 2.0 sites are only attractive for hackers to collect user informations for spam and identity theft which is minor problems compared to direct loss of money from stolen credit card information. The tips to avoid hacking problems web 2.0 sites is not to put your real name (base on identity documents) in the profile page and use spam filters. Try to avoid using the same password on both social networking sites and banking related sites (including paypal).

Unfortunately Hackers are still widely available Internet world regardless they are Whitehat, Blackhat or the most destructive hackers glorified in the movie "The Hackers" and "Die Hard 4.0".

The Internet Businesses will always fail to understand why their internet portal does not bring in the money that it suppose to make with such a world wide population of users. The consumer confidence to part with sensitive credit card informations are usually shy away from purchasing anything online even with legitimate companies due to security vulnerabilities and fraud cases.

To bring back the consumer confidence is much harder then selling endowment insurance to a 12 year old to save money. It's once bitten twice shy, once the trust had been broken with one or two articles about real life internet fraud cases or view a popular websites been vandalized by hackers can shake the consumer confidence greatly.

Horror stories of huge amount of money being cheated by internet fraud are not uncommon...these news are generally great to warn unsuspecting new users to the world of Internet but are great rice bowl breakers for Internet Businesses.

It's about time to find out proper integration of web services and services in the real world...such as DHL Delivery tracking on their website does not interfere with the delivery schedule. The internet banking with the live password using the password generator key chain...which is great but I personally feel that credit cards should be the one that needs a ever changing password generator key chain then the savings account.

Any idea when the banks can think of that? Does it need a third party company to do it for them? I mean if some payment gateway can come up with this idea to solve the problem of hackers obtaining the passwords to their internet banking or credit card details...then online business will boom beyond recognition!

The retail shop next door or down the street might be online selling you a carton of coca cola cheaper as it's purchased online and requires no physical retail shops...other then a storages shed (can be in their residential home) and a delivery truck. A bowl of hot steaming noodles might just be purchase online and delivered to your door steps (cooked just before reaching your house in a van)...these can be visualized as the future of Internet businesses...only to be dreamed of.

Those who are earning some money online are those selling things not common in their own country or retail shops...hence purchasing from overseas via Internet. It's not as wide spread as buying something that common as daily essentials such as shampoo, facial wash, toothpaste and etc.

The reason are lacking of consumer confidence.

Japanese Magic Tricks

This magician got my vote for the best incredible performance ever! His trick simply defy the law of physics and simply impossible to recreate...

Really cool magic trick that I wish I know how to do myself! I had seen his other trick that can boil instant cup noodles with his bare hands...he seems to be a real good magician or very good R&D!

Spider Cat! Does what a Spider can do!

Amazing! I am impressed by this cat! I used to own cats when I was young so I know what they can do or cannot do...they climb trees and jump from very high places and still survive! They can learn how to go toilet to shit in the toilet bowl (Sitting Type) and meow when they are hungry...hee

This spider cat just add to the list of things why I love cats! :)

Digg to find what people like!

I finally tried to search through some of these social networking sites such as and realized that happen to set some kind of benchmarking system for websites! It seems that the more people digg on a website may means the more popular it is!

I just found this fantastic website that I maybe wasting lot's of time on is which have a index of around 350 TV like channels you can watch in your browser. Some are really cool....but it's build to work best in IE and crappy on firefox...which lot's of comments stated.

Personally I found the bug of is the inability to view full screen in boo on that!

The feedback in does it's best in the voting system with the best benchmarking ever for any sites. If anyone wants to make a successful site with valuable feedback should register!! :)

That's all for now...time to for some nice videos! :)

Social networking a waste of time?

According to a poll at there are many people who are pro-social networking and some are just sick and tired of social networking sites that does nothing but wasting time. Those with a objective to join the social networking sites might have some use of these sites...such as facebook, friendsters, Myspace,, Digg, MyBlogLog, BlogCatalog, Twitter, Technorati, and a couple more...that keep popping up and it's hard to keep up to date when the next comes....

I had just joined LinkedIn which are more professional and able to get serious contacts for serious businesses but it's simply a waste of time if we don't spend enough time to update the profiles or stay active in the forums of each social networking sites or writing on "walls" on facebook...

IM (AIM, Yahoo, Google Talk, MSN) is much more direct networking and able to keep in contact in "real" time...but that's about it...many of those whom browse through stumbleupon and reach my blog(s) might be just one time reader.

Those people whom I had speak to in forums many never get to see me in person or even have any contacts at all in the is social networking sites or web 2.0 sites really a waste of time?

I will It's not a waste of time, the reason I say this is that there are always some objectives in each human surfing the net...and they are always different. The variety of ideas and differences in opinions created what the future web 2.0 websites.

1. Bloggers - want to get more links to share with more people what they think and earn some advertising money from various affiliate programs such as Google Adsense....uses social networking sites to expand their influences.

2. Business Owners - want to get more business opportunity to sell or get more awareness to their websites or company or networking websites simply make it more easier to get in touch with real human visitors. In fact, I recommend a full time employee to simply just chat and discuss about similar company products in all social networking forums with a simple back links to their own company websites/blogs.

3. Programmers - get more assistance in social networking sites to help boost each other in programming skills by helping others solving their programming obstacles.

4. Normal Surfer - Simply just treat these social networking sites like a piece of newspaper...once read...and thrown away in a bookmark never to pick it back again in years. Start a forum thread and never follow up, started a blog and never updates it, never have enough time to read the same blog twice...never get to do much networking as they simply have "no time". (Type 1, 2 and 3 are desperately seeking type 4's attention)

Yes, most of the people are time waster...those people never really do social networking and leaving much of the serious social networkers hanging in the middle of a old discussion thread waiting for the other party to be online...which seems to be forever. The questions that was posted weeks ago are just being read...the poll that nobody participate...

What can the next generation web 2.0 websites can change all these time wasting social networking, multiple profile updating hassle and real time like a IM + MMORPG + Blog + News + Forum + Facebook....who will take up such a challenge?