Unique Usernames and People Who Want Them

One phenomenon I’ve come across on the internet are unique usernames and the logistics behind people or businesses wanting to steal them, swap them, or purchase them for themselves. Such examples are Moz, Mozilla, Fred, Cosmic Panda, etc.

In 2007, the ‘moz’ username on Twitter.com was taken by Swedish web user Per Mosseby. At some point in either 2012 or 2013, the username was taken over by an SEO business also called Moz.

I had this happen to me on a lesser known web forum for Google Maps. One day I logged in to find a screen forcing me to create a username, but I already had one called ‘Alexander’ which I thought I would cleverly grab while the forum was new. I typed it into the screen, since I assumed I had already ‘owned’ it and it cannot be given to anyone else (turns out it can).

I was greeted with this:

stealers

Therefore, I can only assume that a Google employee or moderator desired the username and took it from me to use it for his/her own account.

People will go great lengths to grab unique usernames online. There have been times when a large business or public figure will somehow quietly steal the username. For example Fred on YouTube was famously given the ‘Fred’ username, which was forcibly taken from its original owner.

However, sometimes businesses will use diplomacy to try and acquire a username. Web user foszor posted online that when Twitter was new, he took the username Mozilla.’ Time passed, and he was contacted by a lawyer for the business. He had tweeted foszor asking him to send an email, then deleted the tweet afterwards. It ended up being a legitimate dialogue for exchanging the username. In return for giving up ‘Mozilla,’ foszor received “2 t-shirts, 3 buttons and some stickers.”

He also mentions that he had the ‘CBS’ username, and that it was stolen from him without any conversation.

The standard procedure businesses go through to acquire usernames is to contact the site and say that they want their trademarked name for themselves. For example, with Instagram you would have to go through a trademark infringement form.

Here is an interesting article about someone who had his rare username stolen through social engineering.

Advertisements

A Step by Step Guide on How to Update a Samsung Galaxy S7 (SM-G930F/FD) with Magisk Installed.

I do this every so often, so I’m keeping a post here to remind myself how to do it. This guide assumes you have an Exynos S7 rooted with Magisk, and that you want to update your phone’s official firmware. I’m not going to walk you through everything, so you’ll have to know quite a bit about rooting before you read this guide. Remember to back everything up, calls, texts, media, apps, you name it. This process takes a few hours.

Obligatory disclaimer: I’m not responsible for what happens to your phone, you are. Your phone could be rendered inoperable if you choose to follow this guide. In fact you should not follow this guide, get out of here.

Things you should already have:

  • Your phone, with a battery charge of at least 70%
  • Odin
  • Team Win Recovery Project (twrp) for herolte (or hero2lte for Edge) or an alternative custom recovery zip
  • no-verity-opt-encrypt-5.1, a script in the form of a .zip which you should have used when flashing Magisk for the first time
  • The Magisk zip you want to re-flash, or preferably the most recent version
  • The Magisk uninstaller zip
  • Your chosen region’s update firmware files
  • A USB cable.

Magisk XDA thread to download Magisk files from: https://forum.xda-developers.com/apps/magisk/official-magisk-v7-universal-systemless-t3473445

Here’s a step by step guide, now that you have everything you need:

Step 1: Readying the Resources

http://updato.com/firmware-archive-select-model?q=GALAXY+S7

From this link, you’ll need to find the firmware version you desire. For example, the firmware code I’ll use is BTU, which matches my desired phone region. An alternative site would be Sammobile. No matter what website you choose; it will take hours to download the firmware, so be prepared for that. The Edge has separate firmware, so don’t mix them up.

Move the no-verity patch, the magisk zip, and the magisk uninstaller zip onto your phone using a file-transfer method through USB. Move them to the SD card, not the internal memory. Your phone’s internal memory will be unreadable after you flash a custom recovery, so you must use an SD card.

12

12

 

Now you’ve got the zip files on your phone ready to use later. Once done, unplug your phone from the USB cable.

Double-check you have all of your resources. Preferably organised in a folder on your computer. You WILL need to re-flash TWRP (or an alternative recovery) once your phone has been updated, so don’t skip on that even though you already have it installed on your phone. This is because everything on your phone, including the recovery, is overwritten by the firmware flash, apart from your personal data if we use HOME_CSC (hopefully, friendly reminder to backup). However we will not be using HOME_CSC, we have to use CSC instead because updating a rooted phone and retaining user data causes it to soft brick.

For reference, this is how the folder looks on my PC:

et phone hom

In my folder, I have an additional folder; my old firmware. This isn’t required for what we’re doing now though.

Inside the fully-downloaded firmware folder looks like:

et phone hom2

If your files do not look like this, double-check that you’ve gathered everything you need.

Step 2: Removing Magisk (We’ll install it again at the end)

Check that

Boot your S7 into recovery by having your phone fully turned off, then holding the “Volume UP + Power + Home” buttons simultaneously until you see the Samsung boot logo. You should now be on your recovery screen (if you have stock recovery, you have come to the wrong guide).

Important: if you never flashed the no-verity patch when you first rooted using Magisk, removing Magisk will soft-brick your phone. If this applies to you; you can either skip this step, or take the risk. If this doesn’t apply to you, carry on.

From recovery, go to install, then you should find your Magisk-uninstaller zip where you saved it. It may take some navigating. Find it and flash that bad boy. If all went well, which it did for me, your phone is now unrooted. If you see any red messages, try again. If it persists, I’m afraid you’ll probably need to factory reset and restore your backed up data. A more simple way of removing Magisk is to do it from the Magisk manager app itself, but since we want to do the job properly, we flashed the zip. Tap on reboot system.

If all went well, your phone turns back on normally but now it doesn’t have Magisk installed. Turn your phone back off, it’s about to get real.

Step 3: Flashing the New Firmware

Open up Odin on your computer. For better measure, you can right-click the program and select “Run as administrator”. As you already have Magisk on your phone, you must be thinking “hello darkness my old friend”, being familiar with Odin.

You need to unzip the firmware file before you put any of the files into Odin, so make sure you’ve done that before carrying on.

You should be seeing this interface:

odeein

Click on BL and it’ll open a windows explorer window. Navigate to the firmware folder you saved and select corresponding MD5 hash file with the prefix “BL”:

ballz

 

 

 

 

 

Now it’s been selected under the BL tab:

ballz2

Do the exact same for the other tabs by selecting their corresponding prefix from the firmware folder except from the CSC file. i.e. the AP file goes in the AP tab and the CP file goes in the CP tab. The program might stutter a bit as it checks the files.

For the CSC tab, you want to do something slightly different. Do not select the HOME_CSC file. Instead, select the similar “CSC” file.

Remember, if you use the HOME_CSC file instead of the normal CSC file, your phone will soft brick when the new firmware is flashed. Do not try it. Backup and reinstall your user data.

At this point you should be seeing something like this:

32523532

Your phone should still be off, if it isn’t then turn it off. Hold down the Volume DOWN + Power + Home” buttons to enter the firmware download screen.

Press “Volume UP” to confirm. Now plug your phone back into the USB cable, this is the moment of truth. In the log, something similar to “<ID:0/004> Added!!” should appear, showing that the program has recognised your phone plugging in. The number that appears on your screen may differ.

Do not change anything in the options, these should be the default settings:

opts

Press “Start” and the firmware download process will begin. This takes a few minutes, so make sure you don’t accidentally unplug the phone in the process.

Step 4: Making Sure the New Firmware Works

Once completed, you should be seeing this:

ye boi

At this point, it’s safe to disconnect your phone and close Odin if you so wish, but we’ll be needing it again in a second. Your phone should also display a few update screens, let it do its thing. It can take up to 15 minutes and get hot to the touch so be VERY patient. If your phone has not left the boot screen for half an hour, then it’s time to worry and you will likely have to enter recovery and factory reset. Luckily, that’s the reason we backed up.

The reason we turn on the phone again is so that we can confirm the phone is still working as it should before we root it again. It also gives it a chance to completely finish the update process before we flash anything again.

Step 5: Re-flashing the Custom Recovery

Once you’ve confirmed everything is still where it should be, you can install the custom recovery again. If for some reason your phone was wiped, you need the no-verity patch and the magisk zip stored on your phone somewhere.

In this guide we’re using TWRP, but other custom recoveries work as well. Turn off your phone and run Odin again. On Odin, place your TWRP tar file into the AP slot and disable Auto Reboot in the options.

buyacka

Put your phone into download mode once more by turning it off, then holding down the Volume DOWN + Power + Home” buttons until it enters the download screen. Press the “Volume UP” button to confirm. Plug it into the PC via USB again. The log should say “<ID:0/004> Added!” as before. Press Start.

Once you see “<OSM> All threads completed. (succeed 1 / failed 0)”: Hold “Volume DOWN” + “Power” + “Home” to exit download mode and whilst holding all the buttons, immediately swap from “Volume DOWN” to “Volume UP” when the screen turns black. Continue holding until the recovery screen appears, for good measure.

If the TWRP recovery screen doesn’t appear, try turning the phone off and then holding “Volume UP + Power + Home”.

On the latest version of TWRP, you should swipe right to allow modifications. Then navigate to Install. The rest is yours.

Notes

  • Do not “restore stock boot image” if your phone asks
  • using the home_csc does not delete user data, but you should use csc as using home_csc will cause your phone to bootloop and you will have to flash stock Android again
  • Google Pay will reset
  • yes disable dm-verity using the patch
  • edit build.prop file lines to: ro.config.tima=0 AND wlan.wfd.hdcp=disable
  • ‎Rename the following file /system/lib/liboemcrypto.so to /liboemcrypto.so.bak

Saudi Arabia is Changing

I’ve had the unusual pleasure of living in Riyadh, Saudi Arabia for nine years of my life. Of course, the way us Westerners view the country is a lot different to the way Arabs do. We live in compounds surrounded by high walls and electrified wires with watch towers, they tend not to. Instead they live in houses with… high walls. According to my old Arabic teacher; the higher the walls are, the more important the person living there is.

King Salman hasn’t been seen in public for ages now due to poor health. His reign hasn’t lasted very long. After the death of Abdulaziz in 2015, Salman took over. Now, King Salman has fallen ill and it is thought that he could pass any day now, so the reign has been passed onto another Salman; Crown Prince Salman – who now rules the KSA.

What do the other Arab royals think of it? I’d imagine he’s quite polarising for them. He’s kicked most of them out of their palaces and taken away their money, theoretically to invest in more important things.

The new crown prince has seen Saudi Arabia boast changes mostly aimed at modernisation. Stepping foot into the country for the first time after nine years of living away, I couldn’t believe it. The airport now has shops in it, civilians and women working at the immigration, new glass gateways, and restaurants – all previously unimaginable for the country.

They’ve built over and placed a shop floor over what used to be a bridge over the fountains to the gates.
The architectural design of King Khalid International is a unique one. It’s nothing like the boring metal sheeted airports you get elsewhere.

Incredible, I thought. Later during my stay, I found out that popular Western music artists would be performing in the country; the Black Eyed Peas, Enrique Iglesias, Jason Derulo, and David Guetta. I never thought in a million years that I would be able to see any of these famous people perform in Saudi Arabia of all places. I managed to see the Black Eyed Peas and Amir Diab, a famous Egyptian singer.

In addition, I thought something was off when I was at the shopping centres in the city. It took me a while to realise, but I saw women working in the shops. “Hang on,” I thought – “since when could women work here?” Turns out that they’ve been able to work here for three years now. However, some archaic and skewed religious laws remain. At the concert, I noticed a security guard leaning into the crowd from the fence and shouting in Arabic at some men. I had no clue what was being said, but it was clear that he wanted them to leave the crowd. After thirty seconds of that, he noticed me and started pushing me and shouting in Arabic. I wouldn’t budge, so he gave up after a moment. Some nearby onlookers introduced themselves to me and then told me that he was trying to separate the men from the women. Crazily enough, I managed to capture some of it on my phone below. It appears that the culture has yet to catch up.

On the topic of Formula E, it was a showcase event for the country to show the rest of the world that it can be like them. It’s the first of its kind in the country, aimed at the international community as if to say “come in, we’re open.” Below are a few pictures I took at the event.

img_20181214_231850img_20181214_213829img_20181214_200634img_20181214_140250

The city of Riyadh is expanding rapidly. Only ten years ago, it was a tiny city with only two skyscrapers; Al Faisaliyah Tower and Kingdom Tower. Below are some photos from the top of Kingdom Tower (AKA Kingdom Centre).

IMG_20181217_132325-01
Only 15 years ago, all of this land was desert in the outskirts with the roads being paved by steamrollers.
IMG_20181217_132354
In the distance is the financial district, it’s all new and only came into existence within the past few years.

IMG_20181217_132358-01IMG_20181217_133420

IMG_20181217_133505
The bridge on top of Kingdom Tower.
IMG_20181217_133529-EFFECTS
In the centre is Al Faisaliyah Tower.

IMG_20181217_133815-EFFECTS

Only about 20 years ago, most of the buildings in the photos above didn’t exist. It was all desert with only steamrollers paving the roads now filled with traffic. The country is rapidly catching up with the rest of the world, but it still isn’t a nice place for women to live. Need to get an Uber? You may need to get in a separate one from a woman. The Mutaw’ah or religious police barely seem to exist anymore – if they still do in the capital. They would be men with robes sporting golden lining, armed with swords. They would usually catch out any women who aren’t wearing an abaya or a headscarf.

Strange Method of trying to Extort Money using Combo Lists Uncovered

[scammer]@pnpytur.com says

I do know [old password I used once when I was 12, anyone can find it on the anti public combo list] one of your password. Lets get directly to purpose. You don’t know me and you are probably thinking why you are getting this email?

actually, I installed a malware on the xxx streaming (porno) site and guess what, you visited this site to experience fun (you know what I mean). When you were watching videos, your web browser started operating as a Remote control Desktop that has a keylogger which provided me with accessibility to your display screen and web camera. Right after that, my software program collected all of your contacts from your Messenger, social networks, and e-mailaccount. And then I created a double-screen video. 1st part displays the video you were viewing (you have a fine taste hehe), and second part shows the view of your cam, yea its you.

You do have a pair of alternatives. Shall we read the possibilities in aspects:

First option is to ignore this e-mail. Then, I most certainly will send your very own video recording to just about all of your contacts and also just imagine about the embarrassment you will definitely get. And consequently if you are in an affair, just how it is going to affect?

Number 2 solution should be to pay me [absurd amount of money which no one will pay]. Lets refer to it as a donation. Then, I most certainly will instantaneously discard your videotape. You could continue on your lif e like this never took place and you will not ever hear back again from me.

You will make the payment through Bitcoin (if you don’t know this, search for “how to buy bitcoin” in Google).

BTC Address: [he put his bitcoin address in here]

If you have been planning on going to the law enforcement, look, this email can not be traced back to me. I have covered my steps. I am just not looking to charge a fee very much, I simply want to be compensated.

You now have one day to pay. I have a special pixel within this e mail, and now I know that you have read through this email message. If I don’t get the BitCoins, I will send your video recording to all of your contacts including members of your family, coworkers, and so on. Having said that, if I receive the payment, I will erase the video right away. If you really want evidence, reply with Yes! & I definitely will send out your video to your 7 contacts. It’s a nonnegotiable offer, so please do not waste mine time and yours by responding to this e-mail.

It’s easy to deal with such a scam, simply ignore the email. The scammer finds your password by looking at combo lists, letting other people do the bulk work for him and then using the password on that list to try (very poorly) to make the threat seem real.

I once believed that this scam was easy to see through, but my computer science buddy Pete told me he was approached by a friend who asked for advice after seeing this scam. The friend was apparently about to pay up before asking my buddy Pete about what she should do.

I was considering sending a response to see what would happen, but if I did that then the scammer would see that me email address is active.

If you’ve received such an email, just ignore it. He can’t do anything except send more emails begging for money.

To protect yourself from these, the only rule you really ever need to follow is don’t re-use passwords and use a password manager.

You can check to see if your password has ever been leaked at https://haveibeenpwned.com/

Bangkok Fury: Reminiscing

In 2016, I went to Bangkok and Pattaya.

DSC_0018DSC_0174-01

Typically, one would travel to Bangkok for the city life, night life, and all that buzz. Funnily enough, one would travel to Pattaya for the same thing, except there is also a beach there. A thing that has almost always been true about Thailand is that its economy is highly dependent on tourism – a lot of things are targeted at foreigners with lots of disposable income. Over the years, I have noticed the hugely increased likelihood of seeing other foreigners in Thailand whereas there used to only be a few.

DSC_0140DSC_0167DSC_0181

The three displays above are examples of marketing towards the tourist market. The first image is of a food menu I saw in Bangkok; obviously imitating what Westerners would usually go for in a meal, but it also appeals to the local population due to curiosity in what Americans and such usually eat. One easy thing to make fun of is the misspelling of ‘Western Main Cause,’ but I find it interesting just to look at because it reminds you that the person who made the menu probably does not have the same luxuries in technology that we do over here. It is also the determination in the attempt at English shows how important it is that some Thai businesses are able to attract tourists and on some occasions; expatriates.

Soho Town in Pattaya boasts being the first Chinatown there. The interesting thing about this is that it is a recent addition to the city; having only existed there a few years now. There is a massive Chinese presence in Pattaya, especially during the summer where bulk tour groups consisting of hundreds of Chinese tourists visit for cheap. I would think that the existence of a Chinatown is related to this trend, as it must be a popular place for meeting up and doing things.

The lit up London Calling billboard was found in a hot spot called Nana Plaza in Bangkok. Funnily enough, there were actually British people around here. Again, the symbolic link in Western iconography shows the importance of being able to attract tourists for business.

The above photo was something I found humorous. A statue I saw in a hotel lobby in Bangkok and I just had to snap a picture. More than meets the eye – what is the connotation in the statue of a plump woman walking her dog? It’s an impression of the average Western female, of course! The small details matter when you look into them.

DSC_0184DSC_0176DSC_0156DSC_0032DSC_0031DSC_0024-01

 

A Holographic Music Visualiser

For my final year, I made a box that can visualise music. But not just any box, it’s a hollow wooden frame with a perspex/acrylic prism. Photos are better at explaining.

It works by loading songs from a SoundCloud playlist and the visuals react to the wavelengths. But there’s more! You can control it using gestures such as swiping left, right, up, and down, and swirling your hand in front of a Flick board connected to a Raspberry Pi. The project was coded in Python and uses Electron for its renderer.

There’s also a 60 second video I made to go along with the final final assignment.

I also kept a blog of documenting the build as part of the project: https://as14acz6.tumblr.com/

Launched a New Blog

April 2018 edit: Took the site down, wasn’t used, but it’s too exploitable. Pyramid schemes suck anyway

Hi-diddly-ho neighbourino!

I’ve launched a Tumblr blog that’s set to give out discount coupons for G Suite. Now that I’ve used the word Tumblr, WordPress has probably blacklisted this blog post from reaching search engines, oh well! Haha.

Anyway, it can be found at https://gsuitediscountcodes-eu.tumblr.com

Only works for users in some countries in Europe and the UAE.

WordPress or Tumblr?

After about a year of using WordPress, very little entices me to stay. You have to pay annually to get your own domain mapped, as I have done. It’s free to do so on Tumblr. You have to pay to remove ads. There are no forced ads on Tumblr blogs. You would even get more control with a Blogger site.

ads tumblr
A free option of Tumblr’s that WP makes you pay for

Here’s a little list I’m about to brainstorm about why Tumblr is better than WordPress:

  • You can edit HTML for free on Tumblr, you have to pay with WordPress
  • There is a greater impression of community with Tumblr, giving you the freedom of choice to ‘reblog’, ‘like’ posts, or follow blogs if you wanted
  • Tumblr is completely free of gimmicks such as paying to remove ads, mapping domains, with the exception of ‘premium themes’
  • Tumblr is easier to use in my opinion, it has just as much flexibility as WordPress, if not more
  • In my opinion, even the ‘personal’ plan WordPress has is overpriced – why should I pay for these things when I can get it for free elsewhere?

So then, why should anyone choose WordPress? If you’re rich or a business; WordPress has more business tools to offer for people willing to pay for them. These are Search Engine Optimisation tools and other ‘plugins’ (like bolt-ons from your mobile phone provider). Oh and there was a Tumblr password leak years ago. Of course, this shouldn’t be a problem if you follow rule #1 of passwords; never re-use them.

Well that begs the question; why did you choose WordPress, Dufus?

Because after having used Blogger, then Tumblr, I felt like a change. Now I’ve experienced all the big three blog sites, I have to say that I feel Tumblr outdid the competition. However; I’ve done too much on this blog now to be able to move, unless I just copy all my posts over. It’d be a long process though.