Amazing Quotation

May 25th, 2009

Thanks to Emily for sharing this quotation on her blog.  I find it so inspiring I thought I would share it on my blog also.

So without further ado, here it is:

You must manifest complete love and affection toward all mankind. Do not exalt yourselves above others, but consider all as your equals, recognizing them as the servants of one God. Know that God is compassionate toward all; therefore, love all from the depths of your hearts, prefer all religionists before yourselves, be filled with love for every race, and be kind toward the people of all nationalities. Never speak disparagingly of others, but praise without distinction. Pollute not your tongues by speaking evil of another. Recognize your enemies as friends, and consider those who wish you evil as the wishers of good. You must not see evil as evil and then compromise with your opinion, for to treat in a smooth, kindly way one whom you consider evil or an enemy is hypocrisy, and this is not worthy or allowable. You must consider your enemies as your friends, look upon your evil-wishers as your well-wishers and treat them accordingly. Act in such a way that your heart may be free from hatred. Let not your heart be offended with anyone. If some one commits an error and wrong toward you, you must instantly forgive him. Do not complain of others. Refrain from reprimanding them, and if you wish to give admonition or advice, let it be offered in such a way that it will not burden the bearer. Turn all your thoughts toward bringing joy to hearts. Beware! Beware! lest ye offend any heart. Assist the world of humanity as much as possible. Be the source of consolation to every sad one, assist every weak one, be helpful to every indigent one, care for every sick one, be the cause of glorification to every lowly one, and shelter those who are overshadowed by fear.

In brief, let each one of you be as a lamp shining forth with the light of the virtues of the world of humanity. Be trustworthy, sincere, affectionate and replete with chastity. Be illumined, be spiritual, be divine, be glorious, be quickened of God, be a Bahá’í.

(Abdu’l-Baha, The Promulgation of Universal Peace, p. 452)

Quotes from Abdu’l-Baha fill me with such joy, and inspire me to try and do what little I can to live life in such a beautiful way.



Career Advice from EthicalHacker.net

May 15th, 2009

So there I was, sitting on my sofa, surfing the internet, thinking about my life, and what to do with it, thinking about what to pursue and what to strive for excellence in, when I discovered the Ethical Hacker Network.  And more importantly, I discovered some top notch career advice from Don himself, the founder of the Ethical Hacker Network.

He delivered this presentation at a conference in Chicago, and although it’s really career advice for people who are thinking about a career in ethical hacking, there’s an awful lot in there which struck me as good advice for anyone about to embark on a career or who wants to recreate their career.

I highly recommend it to anyone thinking about these things in the slightest.  So less talk from me, go check it out!



Security Vlog – Phishing

May 11th, 2009

Kiamo’s Security VLOG from Kian Mehrabi on Vimeo.

Edit:  Embed is now working correctly.  yay!

Unfortunately it’s not embedding properly.  Gotta go to work now so I’ll try and sort it out later.  However, you can watch it at Vimeo in HD with no problems by clicking on the above link.

Purpose: Explaining computer security threats to users that don’t consider themselves hackers or even to be very proficient with computers.

Inspiration: After writing an article on my blog last night about the Torpig Botnet, I was thinking a lot about the importance of having a culture in which people use their computers securely, with an approach just as second nature as most of us have with regards to physical security, such as locking our doors when we go out.

Good habits and practices are essential to responsible computer use, but I also think it is a great help if users understand the techniques that black hat hackers use to attack victims.  This begins to develop a good intuition, and builds awareness of things that could be a threat.

If anyone wants to ask questions or comment, please do so on my site, rather than on Facebook or Vimeo.



Torpig botnet hijacked for 10 days

May 10th, 2009

Torpig is a malware program that harvests sensitive information from victims.

Botnets are networks of machines infected with malicious code (malware) that are controlled by an adversary.

Researchers from the University of California have released a 13-page paper documenting their experience hijacking a botnet referred to as “one of the most advanced pieces of crimeware ever created”.

They hijacked the Torpig botnet for 10 days, during which time they recorded more than 70GB of data that the bots collected, and observed more than 180 thousand infected machines.

The types of data recorded over the 10-day period include:

  • Mailbox account: 54,090
  • Email: 1,258,862
  • Form data: 11,966,532
  • HTTP account: 411,039
  • FTP account: 12,307
  • POP account: 415,206
  • SMTP account: 100,472
  • Windows password: 1,235,122

“Form data” is anything submitted into web page fields, such as login names, passwords, credit card details, addresses, etc.
Even the encrypted and secured methods that most banks use for transmitting this information do not protect infected machines from Torpig, as Torpig can read the information before it gets encrypted.

The last few years have seen a big shift from malware for fun to malware for profit.  Torpig is specifically crafted to obtain information that can easily be sold in the underground market.  Bank account info and credit card numbers are particularly valuable, and the typical Torpig configuration file lists about 300 domains belonging to banks and other financial institutions.

“In ten days, Torpig obtained the credentials of 8,310 accounts at 410 different institutions.
The top targeted institutions were PayPal (1,770 accounts), Poste Italiane (765), Capital One (314), E*Trade (304), and Chase (217).”

38% of these stolen credentials were obtained from the password manager of browsers.  The researchers also found that almost 28% of the victims reused their credentials for accessing sites.

Lessons to be learned from the research are to use STRONG passwords!  Seemingly random letters, numbers, and punctuation if possible.  I pick the first letters of words in sentences and throw in some numbers and ASCII characters.  Another lesson is to use unique passwords for sites and accounts, and to refrain from saving your important passwords in your browser.  It’s no good avoiding saving your online banking password, but then thinking you can save your password for an unimportant site, if you use that same password for your online banking.

Victims of botnets are people with poorly maintained computers that choose easily guessable passwords.  The main security problem rampant in technology is fundamentally a cultural problem.  Most of us get the concept of physical security: locking our houses, our cars, looking after our bags and purses.  However, there is a serious lack of awareness and understanding when it comes to responsible use of computers.

Using our computers in a secure fashion must become as normal and second nature as locking the doors at home.



simplyGreen

May 8th, 2009

Two nights ago I stayed up most of the night learning some XHTML and CSS for building my own WordPress themes. Last night I stayed up most of the night coding simplyGreen, which was based on the quick theme concept I did earlier this week. Although it’s not entirely accurate to the concept, I’ve done what I can in one sitting. When I get a chance I’ll look into sorting out the footer (which currently doesn’t display where I want it, if at all), and try to get a better grasp on controlling the page layout with div tags and CSS.

As I’m using the theme on my site, there’s no reason to include an image; that, and I’m writing this post with the WordPress for iPhone app, which lacks a screenshot function or any means to attach the image to this post. So those of you that are RSS subscribers will have to actually visit my site if you want to see it.

EDIT:  I did some more editing on the theme and broke it.  Gotta go to work now, but later this evening I’ll fix it again.  For now I’ve gone back to the previous theme.

EDIT:  Fixed it again, and updated it.  Still a few bits to touch up but it’s basically working.  Let’s hope I don’t break it again haha.

FINAL EDIT: Done!  I might work on a dark theme next…



Webdesign

May 5th, 2009

Recently I started working on a theme for the haphazardMEDIA website.  I enjoyed mashing it together in Photoshop; however, the lack of thought I put into design left me feeling stuck.  Something just isn’t right.

papercollage

After reading a brief amount about web design on Mark Boulton’s Blog, I did a quick little experiment in Photoshop to help me break free from the haphazardMEDIA theme.

simplegreen

What are your thoughts on these designs? Particularly the first one?  It would be really helpful to hear other people’s points of view.



Windows 7 RC

May 3rd, 2009

7top

Earlier on in the year I tried out the Windows 7 beta, and was fairly impressed with how fast, stable and complete it was.  However, it wasn’t perfect so I continued using Vista (or Mac OS X while I was experimenting with my hackintosh).

The other day I got a hold of the Windows 7 Release Candidate (RC) and I’ve been testing it out.  It runs faster than Vista, it’s stable, and all my important apps are working fine: zbrush, photoshop, dreamweaver, 3dsmax9 (32bit), 3dsmax2009 (32/64bit), and all the other more general apps too.

Windows Vista was bloated and slow; Windows had grown into this big, complex, monstrous, resource hungry thing with compatibility issues due to versioning (although I still preferred it to XP).  Windows 7 is leaner, faster, generally better optimised, will not suffer the same compatibility issues Vista went through, and has some nice UI features.

Keyboard Shortcuts!

Windows 7 also includes some more keyboard shortcuts.  So if you’re the kind of person that likes shortcuts (I am) then you might like some of these.

  • Dock your windows left and right with WindowsKey+left/right arrows.
  • Win+up/down to minimize / restore / maximize.
  • Win+Shift+up/down arrows to maximize and restore vertical size.
  • Win+Shift+left/right arrows to jump windows to other monitors.
  • Win+P to change through display modes.
  • Win+1, Win+2, etc. for launching a new instance of any of the first five icons on your taskbar.
  • Win+Space to peek at your desktop.
  • Win+T will put focus on the taskbar so you can use the arrow keys to select which window or group, then hit enter.
  • Win+E will open up a new explorer window.

How to get it?

On April 30th Microsoft finished and made available Windows 7 RC to MSDN and TechNet subscribers, and it will also be available to the public on May 5th for anyone to download from the Windows 7 site.  Microsoft have stated that people running the freely available Release Candidate will be able to continue using it freely until June 2010.

System Requirements?

Windows 7 will run on the broadest spectrum of hardware compared to any Windows version at launch.

  • 1GHz or faster 32-bit (x86) or 64-bit (x64) processor
  • 1 GB of RAM (32-bit)/2 GB of RAM (64-bit)
  • 16 GB of available disk space (32-bit)/20 GB (64-bit)
  • DirectX 9 graphics device with Windows Display Driver Model 1.0 or higher driver


Awesome Editing

May 1st, 2009

J linked me up to this awesomeness on youtube, it gets uber around halfway.

I haven’t been blogging in ages.  However I do intend on getting back into the habit.