Sajal Kayan

BarCampBKK3 - my experience!

May 25th, 2009

Last weekend(23rd and 24th May) I attended BarCamp Bangkok 3, it was an awesome experience… In this blogpost i intend to outline some of the interesting aspects of it from my viewpoint.

(Photo Credit new_davich on flickr)

Firstly over 700 people registered on the Barcamp Website. Atleast 550 people showed up at the actual event. That is 550 people registered at the registration desks on Day 1. There may have been more people turning up throughout the day who didn’t register and I don’t yet have the figure for Day 2. This IMHO would make BarCampbkk3 the biggest BarCamp in ASEAN. There were many people who flew in to Bangkok from overseas exclusively for the BarCamp from countries including Malaysia, Singapore, Cambodia, Vietnam and Hong Kong. Many to Bangkok for their first time.

Many thanks to Sripatum University(SPU) for agreeing to be the venue. They were very helpful and even provided us with 20 to 30 volunteers to help with the arrangements.

Opening Ceremony! - Dont be scared barcamp isint anything formal.. this is exception (Photo Credit new_davich on flickr)

I collected the following schwag :-

BarCamp Bangkok black T-Shirt (Thanks Luke for the awesome design) - Photo Credit Virak

An eco friendly cloth Bag from SPU (Photo credit Preetam Rai)
ATIZ white T-Shirt (if you can find photo ping me)
Yahoo Car hanging thingy. (if you can find photo ping me)

Tech start-ups in Thailand

Among the interesting topics covered were some presentations and a discussion relating to Start-ups in Thailand. There were talks focused on financing issues and other issues faced by startups. The most common factors discouraging Thais and Foreigners from setting up a start-up in Thailand is(IMHO) the procedure and red-tape involved in setting up and managing a Thai Company. John mentioned about a friend who flew to Singapore in a morning and by afternoon he had his company set-up and ready for business. So thats about 10,000 Baht for the airfare and about S$200 to S$300(about 4,700 to 7,100 Thai Baht) for formalities, etc. Here in Thailand even if you know exactly what to do, it would take weeks.

Ben from Proteus Tech gave and interesting talk titled “How to Create a Successful Technical Startup”. Proteus Tech is also interested to encourage the potential Thai entrepreneurs. Proteus Tech said in a statement:-

“We hope to organize a startup event to help people understand how to write a business plan and define a business strategy. Then we’ll have a follow up “startup gauntlet” where we give them a chance to present their biz plan and get evaluated + win some seed capital to start.”

Ben’s Presentation - Why didn’t I see this a few years ago, I learned some of the points the hard way.

Overnight Activities

This was the first Barcamp in Thailand where we stayed at the venue overnight. The evening started with drinks at a nearby pub, after which we returned back to the venue. I tried in vain to help people getstated in Linux, but looks like nobody was interested… We played a couple of rounds of a Werewolf Game which was interesting, the foreigners always got nominated to be werewolves and kicked out first…. @murz (tried to) introduce us to a board game “Adel Verpflichtet“. The rules were so complex that she had to draw a flowchart to explain it

Along with Jan, I did a “SEO site clinic” where we analyzed volunteers websites from an SEO viewpoint. Unlike last BarCamp, this was attended by very few people, probably due to clash in timing with other more popular topics.

Overall it was very exciting to be a part of BarCampBKK3 looking forward to BarCampBKK4

Links:-

BarCamp Bangkok Website : http://www.barcampbangkok.org
Pics : http://www.flickr.com/search/?q=barcampbkk3&w=all
Slides : http://www.slideshare.net/search/slideshow?lang=**&submit=post&q=+barcampbkk3&commit=search

Blogs : http://blogsearch.google.com/blogsearch?q=barcampbkk3

Sphere: Related Content

Posted in BarCampBangkok, Thailand | 1 Comment »

Typical interaction of Windows Vista

April 27th, 2009

Vista : Are you sure?
User : Yes
Vista : Are you sure about being sure?
User : Yes
Vista : Are you sure about being sure about being sure?
User : Yes
Vista : Are you sure about being sure about being sure about being sure?
User : Yes
Vista : Are you sure about being sure about being sure about being sure about being sure?
User : Yes
Vista : Are you sure about being sure about being sure about being sure about being sure about being sure?
User : Yes
Vista : Are you sure about being sure about being sure about being sure about being sure about being sure about being sure?
User : Grrr…. Screw you Microsoft!!!!
Vista : Are you sure you want to screw Microsoft?
…

Sphere: Related Content

Posted in Humour | 2 Comments »

Python script to detect bad bots/people faking as Googlebot

March 28th, 2009

A script for analyzing my webservers access.log is long overdue here is a small start. Just recently I noticed a bad bot was attempting to scrape whole of my site using Googlebot’s useragent. Since im learning python, I thought it might be a nice experience to write a simple script which can help me detect these fakers.

The script looks at the access log, looks for records matching “Googlebot” then validates based on techniques mentioned at “How to verify Googlebot” at Google Webmaster Central Blog. It may also be useful or even fun to catch other SEOs trying to see your site thru Googlebot’s eyes.

The logic is simple. The IP from which the request is coming in should point to a *.googlebot.com and in turn the hostname should resolve back to the same IP. The first part can be faked by a smart faker, but the latter is not possible(unless they break into Google’s DNS servers ). This 2 step validation is a sure shot method.

For a Genuine Googlebot request :-

Server log entry :-
66.249.71.202 - - [28/Mar/2009:08:59:14 -0500] GET / HTTP/1.1 “200″ 17892 “-” “Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)” “-”
IP : 66.249.71.202

Thus :-
# host 66.249.71.202 202.71.249.66.in-addr.arpa domain name pointer crawl-66-249-71-202.googlebot.com. # host crawl-66-249-71-202.googlebot.com. crawl-66-249-71-202.googlebot.com has address 66.249.71.202 #
For now this script outputs : The number of hits, IP, hostname, and what ip the hostname resolvs to….
# ./logazier.py 92 - 99.190.96.157 - adsl-99-190-96-157.dsl.pltn13.sbcglobal.net - FAKE - 99.190.96.157 36 - 24.154.150.217 - dynamic-acs-24-154-150-217.zoominternet.net - FAKE - 24.154.150.217 4 - 83.82.191.185 - 5352BFB9.cable.casema.nl - FAKE - 83.82.191.185 4 - 69.64.69.150 - 69-64-69-150.dedicated.abac.net - FAKE - 69.64.69.150 3 - 64.191.54.85 - venus.surfwebhost.com - FAKE - 64.191.54.85 3 - 117.47.205.13 - err - FAKE - err 2 - 218.186.12.202 - cm202.omega12.maxonline.com.sg - FAKE - 218.186.12.202 1 - 96.254.203.143 - pool-96-254-203-143.tampfl.fios.verizon.net - FAKE - 96.254.203.143 1 - 76.160.175.238 - mail.appianllc.com - FAKE - 76.160.175.238 1 - 121.246.166.247 - 121.246.166.247.static-hyd.vsnl.net.in - FAKE - err 1 - 117.196.235.141 - err - FAKE - err

The script can be downloaded at : http://www.sajalkayan.com/logazier/0.0.1/logazier.py

Upcoming features.

Detect other major bots as well - yahoo, msn, alexa, etc…
Analyze the access.log for bad bot activity even when the bots use regular browser user agents - much more complex than I thought

Sphere: Related Content

Posted in Python, Webmaster Things | 1 Comment »

Leading Indian news agency becomes victim of cyberterrorism

February 11th, 2009

Indo-Asian News Service (IANS) is one of India’s leading news wires. Their news is available to subscribers only and among their clients are various newspapers and news websites. They are one of the fastest text news services and often among the first to break news.

Last night, their website was hacked (or to be politically correct I should say defaced or owned) allegedly by hackers based at Pakistan. These criminals did not take down the entire website, it was worse. They put in derogatory stories against India within the wire. To news websites syndicating their news, it would seem like a genuine news from their end. Here is a screenshot of their latest post today morning.

Ians Hacked

At the time of writing (Feb 11th 10am or 8:30 Indian time) the IANS website is still unaccessible

Some observations about IANS

It uses PHP
The client side coding is very pathetically done, Very likely the backend is just as bad or worse
Their servers(at Delhi) uses “TATA Communications” as ISP meaning it is either self hosted or at a datacenter.
Uses windows for webservers (This is AFAIK, website is down now, so cant probe to be sure) correction it is on Red Hat

What ticks me off is that this is such an important site it should be much more secure. The traffic to the site may be negligable, but if at all you are a newsjunkie, it is highly likely that you read stories from IANS on a daily basis on other websites/newspapers.

Edit : 9am IST the website is back online

UPDATE : 4:05 pm (Indian Time) IANS has published the following message on their wire :-

Dear Subscriber,
The IANS website — www.ians.in — was targeted by Pakistani hackers last night.

The hackers gained entry into the site and began uploading abusive

content. This was noticed around 1 a.m. by our technical staff, who

immediately began clearing the offensive content. To prevent any damage to

the database, the site was shut down for a few hours. Meanwhile, we are

further strengthening our security systems to prevent the recurrence, as far

as possible, of any such incidents in the future.

Any inconvenience caused to subscribers is deeply regretted.

Best regards,

Partha Sarathi Mitra

C.T.O.

IANS

Some things worth noting:

There appears to be 2 attacks not 1, one around midnight-ish and one few hours later. Messages from the first attack was deleted, service resumed normally, then there was another attack.
If site was intentionally shut down then why no message on it?
Cant seem to find any reassurances that our contact details, etc are safe… Did they steal anything?
No email communication from them yet. This message was just put into the wire along with 100s of stories, very easy to miss.

Sphere: Related Content

Posted in Media, Webmaster Things | No Comments »

The Good, The Bad and The Greedy!

February 7th, 2009

Usually wanting money is a good thing. It makes us work harder. Greed is actually a good thing. It is the only line of defense between working hard and being a full time couch potato. Occasionally greed makes us do things… really evil things..

The Good Greed : FOSS (Free and Open Source Software) is the perfect example of the good greed. The developers are usually not concerned about the community, they have their own personal greedy reason for contributing to a project. The reasons may be many including(but not limited to) :

They develop it just cause they wanna use it.
Money - Contribute code because someone is paying you to do so or that you would be able to sell services based on it
Bragging rights - to raise social status, a pay raise, etc…
Joy
…

As you see all the above reasons are selfish greedy reasons and its not a bad thing.

The Bad Greed : Listing some of them who are at the top of my mind.

Most Propriety Software Vendors (out of scope of this post to name them all, use your your imagination) - For these people the primary greed is to sell their software to the most number of “consumers” and the highest possible price. This is where “best performing” gets substituted for “best selling“. The software provided is usually capable of performing better or having more features, but these are locked and made available to “consumers” who pay more.

Moreover, the source code for these softwares is mostly not available to the “consumers” so they get away with “selling” any crap they want. Most of the money spent by the “consumers” is spent on legal issues, marketing, propoganda, adverts, yatches and corporate retreats. A lot of the effort put by developers is actually spent on restricting “consumers” from performing tasks on their software rather than adding more functionality.

Telcom Operators : These people are supposed to sell bandwidth, thats it. I realized thats so untrue after a recent event where the speaker was from a leading smartphone software manufacturer that the telcom networks make most of their money from VAS (Value Added Services). The downside is it adds value but not for the “consumers” but rather than the bank balance of the company. They charge ridiculous prices for simple things like ringtone downloads, etc where the cost of the bandwidth would be negligible compared to the total fees charged. Well thats not too bad, but the really bad part is they would do everything in their power to prevent their “consumers” from getting these content from elsewhere because then they would charge only for the bandwidth.

Device Manufacturers : I am talking about especially about Smartphones here. These people manufacture these wonderful devices, but not to simply sell it at a profit. They want to be able to bundle as much VAS(see previous paragraph) on it as possible. The most common form of their evilness is joining up with a telcom operator exclusively to offer the device along with a plan.

Take the example of Google’s Android based phone. The device is available in the United States at the price of $177.99 (roughly 6,302.39 Baht) with a plan from T-Mobile and for $399 (roughly 13,971.07 Baht). These phones are available only to T-Mobile customers and are locked to this network. The rest of the world is too foreign to make use of this. A recent trip to Pantip Plaza(Bangkok’s IT shopping Mall) showed a retailer selling the G1 for 19,900 Baht (Roughly $568.32) without any warranty. This device was unlocked(probably illegally) and most probably it is illegal to use the device with any other SIM card other than T-Mobile’s. A portion of the price you pay for the device is probably going towards the lawyers who helped placed this ristriction in the first place.

There are many more examples, but the above ones are about the ones I feel strongest about.

So the in the bad greed, the “consumers” actually pay a lot of money to have their freedom taken away from them and become slaves.

Coming from a Business family background, we were always tought that “Buyer is God” … Apparently nowdays it isint true…

The bottomline is that Greed may or maynot be a bad thing, it is how you make it work for you. So from now on, be proud of your greediness and use it in your advantage to do better things. The next time someone blames you for being too greedy, your reaction to it would be totally based on how you utilize the greed.

For me, my biggest greed would be freedom. I am greedy for it and will not let anyone tell me otherwise.

Yours Greedily,
Sajal

Sphere: Related Content

Posted in rants | No Comments »

Parental Control

December 27th, 2008

Parental Control

Posted in Uncategorized | No Comments »

A beautiful video about LINUX

December 25th, 2008

Posted in Interesting Vids, Linux | No Comments »

I <3 Django

December 1st, 2008

Last month(November) had been quite busy for me, had many things going on including :-

My new Secret Project : Its a new Django based web project, if all goes as per plan I take over the world and declare windows illegal
Visa issues : Apparently the process for a Non-Immigrant visa in Thailand is not an easy route.
Thai Political Uncertainty : The drama is simply too irresistible to not follow, constant fights, arguments and lame comments from both sides (pro-govt and PAD)
Trip to India : I had gone on a short trip to India on Social visit in the beginning of the month.
Mumbai Terror Attacks : The bastards struck the Indian financial capital of Mumbai. Even though the 62 hour long ordeal is over now, the blame game drama has begun and would make major news for months to come.

So… apologies to my regular readers (just in case there are any besides me) just had too many things shoved into one month.

A couple of months ago I wrote about how I had finally chosen Ruby on Rails over Django. Well… at the time of writing I hadnt taken a serious look at Django. Soon after making the post i decided to give Django a second look. The more i dugg, the deeper I fell in love Django and Python. I have Ben and Kirit who I can regularly irriate with n00b questions, the Django-Users group is quite active and the Django documentation is just awesome. Django truly rocks.

About my new secret project, it is a website about -SNIP- and I aim it to be one of the authorative websites in it domains. The topic of the site is not one I am an expert in, however that shouldnt be an issue. The website is located at -SNIP- . For this project Archit is helping with css n stuff for free .

As expressed above, the website is made using Django, and is un early development stages and even while development the data entry is already in progress. It would eventually become a really huge database.

The best thing i liked about Django is that you can import the Django enviornment in any regular external script and have access to all the functions, models defined in your project. You even have access to all the django APIs within your project. See this awesome post for more info of what im saying. I modified it a little to suit my project.

#for portability
project = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
sys.path.append(project)
os.environ[‘DJANGO_SETTINGS_MODULE’] =‘topsecretproject.settings’
from django.core.management import setup_environ
from topsecretproject import settings
from topsecretproject.app.models import model1, model2
setup_environ(settings)
data = model1.objects.all()
#… and so onn….

Tools used : Postgres, git, github, gedit, Komodo IDE(looks nice but free trial gonna run out soon ), Ubuntu(my notebook), CentOS(development server - crappy VPS)

Since this project is being built from the ground up, I have full control of everything. Keeping both usability and Search Engine Optimization in mind and not really feeling like there is a compromise in any.

Perhaps in a couple of weeks the site would be somewhat presentable, then id discuss various aspects about the code and techniques im using in keeping the site SEOed. Its too early to talk about it at the moment.

Disclaimer : No windows users were harmed during the production of this post.

Sphere: Related Content

Posted in Django | 3 Comments »