An API, or Application Programming Interface, is a set of functions that one computer program makes available to other programs so they can talk to it directly. A typical example is the Google API for search results and Google Maps API.

According to Programmableweb, currently, the most used APIs are:

You’ll find more about each API in the next posts.

A severe shell-execution exploit has been released by rgod (rgod@autistici.org).

The vulnerability affects all versions of WordPress Blog System<=2.0.2.

The good news - the exploit works only for WordPress sites where the "Self User Registrration" (e.g. /wp-register) is enabled, so for now you can "patch" your system disabling the Self User Registration.

I ran some tests and it seems that the exploit really works fine. However if you are using some redirects to the User Profile section of your blog the exploit will not follow them and keep you from lamers that are trying to hack your server without understanding.

The exploit injects code in "cache/userlogins" files, where WordPress stores user infomration in cache files. On successfull exploit the intruder can launch arbitrary commands (with the webserver user) to the remote machine throught malicious URL. In addition the exploit creates a file called "suntzu.php" - a backdoor to your system.

We are waiting for the official patch from WordPress, but for now you SHOULD disable “User Self Registrations” !

Another Solution:
Restrict web access to the wp-content/cache/userlogins/ and wp-content/cache/users/ directories (e.g. with a .htaccess file)
Use this if you have untrusted users in your blog system.

Here’s the code: http://retrogod.altervista.org/wordpress_202_xpl.html

The improper handling of URI arguments can initiates the transfer of a single named file from one to another Skype user.

An attacker can construct a malformed URL that can initiate the transfer of a single named file from one Skype user to another. Successful exploitation requires that the user follows a malicious Skype URL and that the recipient has previously authorised the sender.

Affected versions:

Skype for Windows:
All releases prior to and including 2.0.*.104
Release 2.5.*.0 to and including 2.5.*.78

More information can be found here.

The official workaround is available here.

Some tips based on the Byster.Net Benchmark

Most of us who are coding PHP have some hesitations what to use - “for” instead of “while”, “file()” instead “file_get_contents()”, etc.

I prefer Perl, but when there’s no time, and when the project is coded on PHP, I’m trying to code optimized. Byster.net has posted interesting Benchmark for all that are trying to optimize their code.
(more…)

If you are curious where the rabbits are sleeping right now, you should visit the DayLight Map (http://www.daylightmap.com/).

This is a map with excellent visualization of current daylight and nighttime regions around the world. You can use the options bar on tweak the settings. It also allows you to select up to ten locations on the map; in addition to seeing at a glance whether it’s daytime there, you can show their local time, sunrise and and sunset times, and length of day.

The site is using the GoogleMaps API, and is one of the most amazing sites that are using Google’s API.

For this who want to collect videos from YouTube, I wrote a little script (embedded in StatusQuo) to help video fetching. You just give the YouTube URL, and the script will fetch the .flv file and give you a link to download it. At the bottom of the page are listed all fetched videos (so you can download, some of already fetched videos) - link

One platform solution for Windows and Linux users is the Mplayer (http://www.mplayerhq.hu) with codecs for FFmpeg Flash video. With Mplayer you can watch your .flv videos.

There’s also a easy solution (for Linux users) to convert the .flv to AVI’s and MPEG’s, so if anyone needs a solution, I can post a how-to or online version to convert.

Here’s the link.

An interesting article found about the Linux mass adoption.

To be perfectly fair to Ubuntu I had also played with a copy of Vista beta. My sound card was not found, the ethernet adapter was not found, and my graphics has severe issues. So all in all the Ubuntu beta is ahead of Vista right now.

(read more)

TouchGraph GoogleBrowser is a site that can represent your links with Google in a graphic scheme. Just enter the starting URL, and you’ll have a map with all in and outgoing links that are indexed in Google.

Once you have the map, you can continue the `browse`, finding usefull information for each node. It’s simple, and it’s a different way to explore your Google linking. Try it here.

Not long ago, I found one intersting thread in Webmaster World about the quality level of Digg.com traffic (http://www.webmasterworld.com/forum89/13191.htm).

The most important for WebMaster Word’s users are the CLICKS - posts like “… yes, digg visitors are known to be non-clickers …” and “if you get popular on digg, you just get heaps of hits and bandwidth issues” are not just bad press, but repetitive posts. That is the Digg for them (or for most of them) - a bad ranked CTR machine.

But is the quality level of Digg traffic the main goal for Digg users and submitters?
(more…)

Nikonian has released it’s latest edition - #30. The highlights:

You can download it for free here: http://nikonian.com/ezine/TheNikonian-30.pdf

National Geographic did a survey to test geography and current events knowledge of Americans.

The questions are basic and quite simple. However, the results suggest that young people in the United States are unprepared for an increasingly global future.

read more

Консумацията на информация в наши дни, след създаването и развитието на глобалната мрежа, след навлизането на масмедиите като телевизия, радио и печатни издания е толкова голяма, че е трудно да не се съгласим с твърдението, че след индустриалната ера, която ни заливаше през последните десетилетия на 19 и 20 век, е настъпила ерата на информацията. Основните източници на информация могат да бъдат групирани най-общо като видове масмедии включващ вестници, списания, телевизия, радио, рекламни издания и интернет. Парадоксален е обаче фактът, че най-големите приходи за издателите и собственици на медиите е една друга информационна група, която вирее сред основните информационни потоци – рекламата.
(more…)