Thursday, August 13, 2015

Help Desk: Android In-App Payments

I was plagued with this problem a bit myself and trying to find an answer was a bit difficult. The problem occurred when I would try to pay for something in an app and it kept choosing the wrong account. With no way to change this, it was a bit maddening. For a while the only solution I could find was to delete the account it was trying to use until it was forced to pick the one I needed to use. This was annoying as after re-adding the accounts it would switch back. Then I found mention of uninstalling it, switching to the account I wanted to pay through and then re-installing it. This did not work.

The simple solution was to first uninstall the application. Then log in to Google Play through a web browser under the account I wanted to use it with. Then install it through that. That was the only somewhat reasonable solution I could find.

Monday, July 13, 2015

Web Hacking 101: Javascript

While this is a broad subject, let's start with the assumption you know the basics on programming in Javascript. Javascript opens up unique opportunities for altering websites. Javascript, when used properly, should be for creating a dynamic web page and not for any security measures. The reason for this is quite simply because Javascript is as easily viewed as the web page's source. With a DOM inspector like the kind in Firebug, you can find lots of things on websites to play around with.

The easiest to start messing around with are variables. An easy way to demonstrate this would be an example. So going a bit old school, the Nyancat website. Let's make it look like we've had that site up for way longer than it has been up. We do this by checking out some of the variables. In the code I find this snippet:

var startTime = new Date();

So in the Firebug console, I simply put in

startTime = new Date(0);

And like magic, it thinks I've been there since 1969.

Now that's purely basic and mostly useless, unless you like showing off random stuff like that. However, this is just an example of what you can change in Javascript to mess with things. The simple fact of the matter is that you can alter anything in the Javascript of a website or add stuff to it.

Now there are two other things you may run into. The first is obfuscated Javascript. This is when the code is made to be very hard to read. This means no real formatting, nondescript names for variables, functions and classes and other things that can be quite a headache. The easiest way to deal with that is to look for a Javascript beautifier. A simple Google search will give you some results.

The other thing you could run into will appear like a garbled mess. This is JScript encoding, created by Microsoft and not often used. It may take a bit of searching, but there are decoders you can use to view the source. I wouldn't obsess over this, though, as it is a rare thing to find.

As you move on with Javascript exploits, down the road you will come across something called XSS, or Cross Site Scripting. This is when you manage to get others to view a page with Javascript that is used for malicious purposes. This can be anything from stealing information to simply annoying people. To pull stuff like that off requires a bit of filter evasion or knowing somewhere it can be executed. That in itself is a topic of its own. Until then, try using Javascript on sites to see what can be altered or changed.

Wednesday, July 1, 2015

Information Dump: Comptia A+ 801 Study Guide

I was originally going to post this in pieces, however not only will that take a lot of work due to how the formatting is, but it would also be the worlds biggest pain if I need to update anything. As a result, I am uploading it to Google Drive and docs or whatever. Yay! A few things to note.

  1. This is very cut and dry, basically like a quick reference or "cheat sheet"
  2. Not all the information is necessary to be memorized
  3. I make no guarantee that there are no errors
  4. Stuff may and most likely will change over time
Now I post this for those looking for some free study material and it's basically notes I was making while I was studying.

So here's the information from me to you.


*** Currently it is missing some stuff. I am in the process of finishing it, so check back every so often. The 802 should be following shortly after I finish this one and then possibly a Security+ study guide after that.

Friday, June 19, 2015

Gadget Review: Fitbit Charge HR

I had originally purchased the Fitbit to monitor my sleep. Suffering from insomnia during the summer and also finding out that sometimes I appear to wake in a panic and don't remember doing so, I figured monitoring my sleep could reveal something. I have not had it for too long, however there are some things I feel the need to talk about with it.

Now the first thing to note is physically how it is wearing it. The material is rubbery but no discomfort with the band. The actual metal buckle cut into my wrist one night when I fell asleep on it. The rubbery texture means it's pure hell if moisture gets under it. The actual heart beat monitor on it likes to leave a square indent no matter how loose I make it, if I make it any looser it would slide too much and get really annoying. All in all, about as comfortable as any Casio I'd wear if I wore watches.

The screen itself is good, bright and readable. The single button to cycle through everything is mildly annoying if I bump past the screen I wanted.

Now as far as the tracking goes, let's start with the heartbeat monitor. It seems good, although sometimes I question its accuracy. The pedometer is very inaccurate. It's set to being on my dominant hand and it still registers any up-down movement as a step seemingly nine times out of ten. The monitor for stairs, there are no describable words for how terrible it is. I can run up and down a ladder or stairs or do steups and get no change. Meanwhile I know someone who never uses any stairs and can go up 10 flights of stairs in a day. When it comes to monitoring calories burned, some days it seems very high, other days it seems very low. So I couldn't even guess if there is any real accuracy there.

Now another thing to talk about is the distance measuring. This is guessed based off of your steps and the stride length (I never entered that information because because). This means that is is as accurate as the pedometer. So I walk about a mile every morning laying in bed petting my dog. Enough said.

Now the automatic sleep monitor. According to stuff online, it determines when you fall asleep by a lack of movement and low heart rate. Seems accurate enough. It also logs "restless sleep." This is when you move a little from tossing and turning. If you sleep with someone else, these logs can look very similar. It can also log if you "wake up." This can also appear if you sleep with someone who disturbs the bed enough when they wake up and you're still asleep. I would venture to guess this is about the best it can do on accuracy and it seems rather accurate for me.

There is also an activity log based on the heart rate monitoring. This means anything that gets your heart going counts as activity, be it exercise, an exciting movie, video games or porn. So there's that.

Now it also comes with a way to sync to your computer and to your phone. The computer uses a dongle and the phone uses bluetooth. So I don't bother syncing anything unless I get curious otherwise the bluetooth would kill my phone too quickly and bluetooth security is not really the greatest thing in the world.

Now aside from the automatic tracking and graph generations, it also includes basically a food journal, exercise log, water intake log and weight log. I don't use any of these because I am not going to take my phone out every time I want to eat, drink or exercise. If I were really interested in that, I would more than likely write it down by hand. But I'm not so I don't. I won't go on a rant about dietary needs (even though I do in real life whenever I hear the word diet), but a food journal isn't really necessary unless you have a real medical reason for needing to know. Plus, seeing I eat McDonalds, pizza rolls, ramen and every candy I get my hands on won't change me doing all those things. I'm 6'2" and 160 lbs and have been for eight years. So take that. Also, drink water when you're thirsty and exercise for about 15 minutes a day and you'll be perfectly healthy. Hrumph.

Now that that is out of my system, let's move on to the stuff that actually genuinely irritates me. First, I cannot remove "goals" from the thing. I don't care how many steps I take, floors I go up, calories I burn or water I intake. There are no steps in my house but it won't let me remove that or set it to zero. I just don't have any goals for any of that because I don't care. I was curious about the sleep monitoring, enjoy the heart rate graphs every now and again, but that is it. Let me be lazy without this whole goal overtone. The actual app design is okay and the website is okay as well. It's easy enough to use. One feature I think would be nice is to have an alarm set a certain number of hours after it registers you falling asleep.

Speaking of, I forgot about the silent alarm. It works for me because I'm a light sleeper. The sound of the vibration motor is enough to wake me up. Doesn't work so well for heavy sleepers, though.

At the end of the day, I would say it is an annoying novelty that might be interesting to people really into working out and dieting, but does very little in the way of leading to a healthier lifestyle. Oh, and if you're curious, I have taken about 50 steps in the process of typing this. As far as has it helped me figure anything out about my sleep... well it just lets me know I sleep consistently badly.

Tag Cloud

.NET (1) A+ (2) addon (6) Android (4) anonymous functions (5) application (10) arduino (1) artificial intelligence (2) bash (4) c (7) camera (1) certifications (4) cobol (1) comptia (4) computing (2) css (2) customize (16) encryption (2) error (19) exploit (17) ftp (3) funny (2) gadget (3) games (2) Gtk (1) GUI (5) hardware (7) haskell (15) help (8) HTML (6) irc (2) java (5) javascript (21) Linux (20) Mac (5) malware (2) math (8) network (9) objects (2) OCaml (1) perl (4) php (9) plugin (7) programming (42) python (24) radio (1) regex (3) security (25) sound (1) speakers (1) ssh (3) story (1) Techs from the Crypt (2) telnet (2) tools (15) troubleshooting (5) Ubuntu (4) Unix (4) virtualization (1) web design (14) Windows (8) wx (2)