Published by Preethi on 29th May 2008
I was reading this article Phishing ANZ customers and so I started to think more about phishing and doing a bit of research on the past “phishing classics”.
Now, I am not a security engineer, so dont expect me to give you all the security tips and tricks. When I was in my first days of college, I always wanted to become one. May be one day I will get there. I was very much impressed by firewalls. Infact I even did a tech-talk on that topic.
So, to keep ourselves restricted to the scope of this post 
‘phishing’ , which the term might have arised from fishing + phreaking, means impersonating something/someone else and tricking customers for financial advantages or to obtain user credentials.
Phishing can be done in different ways, for example the news article that I have referred to in SMH speaks about a technique where the users get an email with some text and a link. The email content usually will give a legitimate impression to the user. The link will be to a site that impersonates the original site (in this case ANZ) and might request the user to login and thus can get the user credentials. In ANZ instance, the email went around to the bank customers and it contained a link to a site whose url, look and feel and content was very similar to the ANZ’s. It had login prompt where the users entered their customer number and their pin. So the phishers now got access to this sensitive data!!
Phishing techniques include using a seemingly legitimate link text or impersonating the look and feel of the site along with its url. After a few anti-phishing techniques have been developed to identify the most common phishing link text, many of the ‘phishers’ started using images to overcome them.
Read the rest of this entry »
Published by Preethi on 27th May 2008
I was thinking of doing some SEO (Search Engine Optimizing) stuff for my blog and I found this interesting method called ‘cloaking’ which many people might argue as a Search Engine Optimizing technique but I would say it is a search engine cheating technique
For those of you who are wondering “what is Cloaking” and “what is SEO”; Search Engine Optimization is a process of improving the search engine related traffic to a site via search results for targeted keywords. Normally, the higher the rank of a site, its displayed in the top results of a related keyword search; which is why it attracts huge amount of traffic. Hence optimizing is important.
There are different ways of optmizing your site for search engines, by using relevant metadata on the webpages etc. Cloaking, many people consider, as one such techniques as well. But in reality its not a legitimate way of optimising.
What is Cloaking? Cloaking is a technique in which the content that is presented to the search engine spider is different to the content that is presented to the user. So a site’s web-master can create two types of content; one for the search engines and the other for the normal users (visitors). When a request for content hits the server, we can programmatically detect the requester and identify if it is a normal user or a search engine spider trying to crawl the site. This can be done from the User-Agent HTTP header. When its detected as a spider then the key-word rich content is returned. So the content presented to the normal users in this case is different.
Wikipedia terms cloaking as a black hat search engine optimization technique and I would call it a search engine cheating technique. Since the content returned to the spiders is keyword rich, the site would automatically get a higher rank and hence would be displayed in the first pages of the search results for the particular keyword.
Many Search engines have blacked out this technique and big search engines like Google ban such sites which use it and I think they should.
So best thing would be to follow the best and legitimate SEO techniques to increase the page rank and thus increase the traffic. If you think anyone is cloaking, then please do complain to the relevant search engine company to take an action and they should be able to verify and thus remove the site from the index.
Published by Preethi on 23rd May 2008
I have seen come cool releases from Google that are based on translation and transliteration and have started doing a bit of research on differences between both of them.
I am pretty sure people are well aware of the Yahoo!’s good old Babelfish that translates the given block of text into a particular language. It also translates an entire webpage into the specified language. Google has also launched something similar to it called Google Translate which has the same functionality like Babelfish.
But somehow, a little bit different concept has been applied to Google Indic Transliteration. Now as the name suggests this is only available for Indic languages - Indian and Iranian languages. But the concept that has been used here is called transliteration which means it transliterates word by word.
I know that would sound a bit confusing but imagine typing a block to text english and then translate it to a particular language is Translation.
Whereas, transliteration is a mapping from one system of writing into another, word by word. So basically you would be using an english keyboard and typing words of your own language. So it works in the same concept of phonetic keyboard. Now I think that it is pretty cool.
Google has also integrated this in Blogspot and hence people can turn this option on and write blogs in any of the transindic languages. I hope they would release it soon for other languages as well.
Though this is of not much use in the english speaking countries, it could prove to be a powerful tool in other countries and lift up the usage of Google applications like mail, google docs, blogspot etc enormously.
Now if this blog does not make any sense to you 
then have a go at Google Indic Transliteration and Yahoo! Babel Fish and you will notice the difference.
