The Misadventures of Penoi

Last week i received an email asking if I'm in posting their ads. To check out their ADS Unit, i must click a Google Picasa Web album url. Curious, I clicked on the URL from the email and it forwarded me on a Google Account authentication page.

Hmm smells fishy. Remember that my wife’s yahoo account was hacked after someone from her friend’s hacked YM asked her to check out the pictures on his flicker. In just a minute, her username and password was harvested by the hacker and we have to call Yahoo just to retrieve the credentials.

You wont notice that this is a bogus page.



http://picasaphotos21.t35.com/photoalbum.htm

hmmm, ok. Not your usual Google URL and looks like a subdomain of t35.com

Let’s check out www.t35.com



Boom!!! t35.com is a free website service. So the hacker uses a free web service to host his fake Google Picasa page. The minute you entered your Google Account username and password it will be harvested.

How will you identify if the page is bogus or not? Here are some of the basic steps that you can use:

1. Google always use webpage SSL certificates. You will notice that the URL starts with https://…. instead of http://… on its page authentication.

2. Update your internet browsers. New browsers are intelligent enough if the SSL certificates is fake or not.

3. Always check the URL of the page. Most of the hackers uses free web service hosting to host their bogus site.

Internet security awareness will always save your butt and your hard earned ADS payments.

It sucks when you have a status of "i'm having a bad day" and then people clicked on "Like"

Philvocs warned that a possible tsunami will hit the eastern part of Philippines generated by the massive earthquake on Chile. Hopefully the warning is not true and regard it as one of those hoax news.

source http://www.abs-cbnnews.com/nation/02/27/10/philippines-issues-tsunami-alert

Linux Professional Institute alumni to receive Novell Certified Linux Administrator for free. As in for free!!! No charge or extra exam to take. As long you are a LPIC-1 certified, you are eligible to be a CLA certified. So what's the catch? Seems Novell wants to boost their marketing strategy and pump up the numbers of certified professional under their umbrella.

To validate your LPIC go to https://cs.lpi.org/caf/Xamman/certification and apply for Novell CLA certification at http://practicum.novell.com/LPI2CLAForm.php. Fill out the form, provide your LPI ID and verification code. Allow 1 business day before they send your pdf certification stating that you are a certified SUSE Linux Enterprise 11 admin!!!

Preparing one of Filipino's favorite delicacy adobo with my preggy wife. Yep you heard it right, my wife is pregnant.. Finally... Excited and nervous at the same time. This will be a new journey for us.. Having a baby and also having those sleepless nights as they said.  :)