Archive for March, 2008

Easy way to get root privileges, part 1.

Friday, March 28th, 2008

Some hours ago i was asking for some help at the IRC channel of a really large hosting company. The IRC channel is not an official support channel for this company, but some admins and company staff are kind enough to be there in order to help people, etc.
And well, the following took place. Keep in mind that i have replaced both real nicknames and also any occurence of the company name for the sake of privacy.
Enjoy :)

[RandomKid] By the way, the cookies **Hosting Company** use are no good :(
[RandomKid] anther time why, I think they can be poisioned.
[RandomKid] Will try safari now.
[HostingCompanyGuy] why not just bookmark your control panel?
[HostingCompanyGuy] RamdonKid: weren't you the same person that thought you could get root access to a server just because of an "insecure" upload form?
[RandomKid] hmmm good idea
[DiegoMax] ...
* RandomKid doesn't think, me knows.
[HostingCompanyGuy] lol
[HostingCompanyGuy] still waiting for you to show me how
[DiegoMax] kids....
(more…)

mi buenos aires querido

Thursday, March 13th, 2008

Mi Buenos Aires Querido

iPhone’s “Code Signing”: Is there any limit for the ridiculous ?

Sunday, March 9th, 2008

Some hours ago i was pointed to an interesting post about the new “code signing” features that Apple is going to implement for the iPhone software developers, and honestly, I am speechless…
There was a time when i used to believe that there was a good reason for Apple to be so closed in some aspects: To keep the user experience as clean and smooth as possible.
That could explain several behaviors in the iTunes Music Store, in the iPod and of course in the whole Mac platform, but after reading several times this great article at Rogue Amoeba’s blog, just one thing comes to my mind… “is there any limit ?”.

I still can’t believe the fact that it is just NOT possible to load an application inside an iPhone unless it’s blessed (read: digitally signed) by Apple, and yes, you read it right, not even for testing purposes, which means that if you want to start writing some code for the iPhone, you have to a) buy a $99 testing certificate, and b) buy an extra iPhone compatible with that extra certificate.
But the story continues….

Apple seems to have a list of things that they are not going to bless, like for example Porn, or “Bandwidth Hog” applications, and there is also the “unforeseen” category, which translated to plain English means “anything that we don’t like at all or we consider bad for our business model”.

I happen to believe that protecting the user experience as much as you can is a good thing, and that is mainly the reason because Mac OS is more enjoyable than any other OS out there, no discussion there, but when a company starts telling me what I am allowed to run (or not) on a device that i OWN, I think that something is really wrong. In my particular case, I don’t own an iPhone (and not even planning to own one, mostly because I use Nextel, and I wouldn’t change it for anything), for the contrary i own a Motorola headset, and i can load any application on it, or even write my own if I feel like.

No matter how much I love Apple and their products, I think that freedom of choice is one of the most valuable things that our society must protect, and while I read a lot of forum / blog posts by the so called “Apple fanboys” saying things like “if you don’t like it, don’t buy it” I just don’t want to believe what could happen if a company with this way of thinking becomes the market leader.

I have yet to see the evolution of this whole thing, but right now this just makes me re-think if some other eternally blamed companies are really sooooo evil after all…