Category / Reports

by Nirupam Biswas

New (possible) social engineering attack using forums.

First a disclaimer: I am not 100% sure if the incident that I am about to mention was really a social engineering attack to steal my email id. The attacker introduced himself as Osher. Osher if your intentions were really good then do let me know and I sincerely apologies.

The incident

Refer to the comment posted by some guy Osher on my post ‘Making sense of standard deviation‘. I had asked one question in the StackOverflow forum, to which he replied on my forum! his repose read funny.

Hi – I’m trying to get you without any relevance to this post.
I’m referring your post in Stack Overflow:
http://stackoverflow.com/questions/5230144/script-tags-in-body-not-get-evaluated-after-previous-js-errors

I don’t see the mechanism of Stack-Overflow fit for dialog, and I need some information to understand some things before I can post a reply…

Is one of the scripts that do not exist any more is HtmlUnit?
I suspect that the problem is that you take API that you get from HtmlUnit as a part of JavaScript, and when you take them out – you get null-reference on APIs that HtmlUnit provides and is no longer available

find me at osher.filter (at) gmail.com, and we’ll sort things out 🙂

If you read his reply then it doesn’t make any sense. Furthermore StackOverflow has comment section for discussing stuffs. You need not reply in anybody’s forum. My StackOverflow account has my blog address, so it wasn’t hard to guess how he came here. My guess is that he wanted to harvest my email for spam, so I replied to him by posting via my forum. After that I never heard from him.

So, friends beware on the net!

by Nirupam Biswas

Why Is PayPal Screwing Indians? Short version.

Today I received the following mail from PayPal

As part of our commitment to provide a high level of customer service, we would like to give you a 30-day advance notice on changes to our user agreement for India.

With effect from 1 March 2011, you are required to comply with the requirements set out in the notification of the Reserve Bank of India governing the processing and settlement of export-related receipts facilitated by online payment gateways (“RBI Guidelines”).

In order to comply with the RBI Guidelines, our user agreement in India will be amended for the following services as follows:

  1. Any balance in and all future payments into your PayPal account may not be used to buy goods or services and must be transferred to your bank account in India within 7 days from the receipt of confirmation from the buyer in respect of the goods or services; and
  2. Export-related payments for goods and services into your PayPal account may not exceed US$500 per transaction.

PayPal always conviniently quote RBI for all wrong doings but from a post – Why Is PayPal Screwing Indians? An ex-RBI Employee Tells Me The Facts, I came to know of the reason. Which can be summarized as, any organization which stores others’ money for more than 7 days need to be treated as banks. Also all inflow of cash of more than 500 USD needs to be reported to RBI. Paypal neither wants to follow the bank regulations nor it wants to go into hassle of informing RBI. So, finally all Indian startups end up loosing.

I wonder what is keeping banks like ICICI, Citi or HDFC to start such a service in India? This is a great new open market with practically no competition in India.

by Nirupam Biswas

Windows Phone 7 is, as we speak, losing fantastic applications because of its approval process.

Designer Silverlight » Blog Archive » Windows Phone 7 UX – One Size Does Not Fit All.

I would like to quote one para from the linked post.

I can’t overestimate how frustrated my clients are with the Microsoft approval process. It ranges from sadness to fury. Clients who are on virtually all other platforms are expressing frustration that they have never had so much trouble getting through an approval process. The rejection reports are inconsistent, spotty, and fragmented. We will submit an app 5 times and get different “errors” back each time. Nine times out of ten, those errors are not errors, but complaints about UX functionality. Of those, at least half of them are complaints about functionality that, if fixed, would worsen the user experience.

I love Microsoft and I love Windows Phone 7, but rejecting apps based on the UX guidelines (while not giving us the tools to abide by the guidelines effectively) is a recipe for suicide.