Friday, January 29, 2010

XSS Cheat Sheet

One of my coworkers stumbled onto this XSS or Cross Site Scripting attack cheat sheet site or

I've been trying to learn more about internet security vulnerabilities which I think this site would help with. There are number of different crytopgraphy ciphers that are worth looking at as well: RC4, ROT13, ROT47, blowfish encryption, base64. (Use wikipedia).

Thursday, January 28, 2010

How to Dual boot Mac OSX 10.6 Snow Leopard and Mac OSX 10.5.8 Leopard

I work for a small software company that one day decided it needed to support Safari 4 for Snow Leopard and Leopard. We had an older Mac Mini with an Intel Core Solo that I had upgraded to Mac OSX 10.5.8 Leopard from Mac OSX 10.4. Thanks to Apple's tactics of only allowing retail copies of their software (not OEM versions) to be used on different machines; we had to purchase the Mac OSX Leopard discs. During our search for solutions to this dual Mac OSX problem it became apparent that running two different versions of Mac OSX was not something Apple wanted people to do. With no virtualization support, there is no way to run Mac OSX Snow Leopard on the PC and no way to run Mac OSX on Mac OSX... They are a hardware company after all!

We decided to purchase a new 27" iMac and use the video in to connect our Mac Mini so we could consolidate some of our hardware and still be able to toggle between Mac OSX Snow Leopard and Leopard. After much hassle and some searching on Google we found out that you can only hook the 27" iMac up to another computer that uses the Mini DisplayPort, using a special cable. This would have been great information for the Geniuses at the Apple Store to know. This also ruled out hooking it up to the Mac Mini which only has a DVI port.

The next logical thought, since we couldn't hook up the Mac Mini and 27" iMac, was to dual boot Snow Leopard and Leopard using partitions. I created a partition using Disc Utility, then booted to the Mac OSX Leopard retail discs, selected the disc on the boot menu and watched as the system would hang. Somehow the installers check to see if the machine is newer than it is and then the install stops. All the user sees is a blank screen. In the end I found a rather easy way to dual boot between Mac OSX 10.6 Snow Leopard and Mac OSX 10.5.8 Leopard using a software program called SuperDuper! 2.6.2. I basically cloned my Mac Mini that had Leopard installed and then restored it onto a partition on the iMac. Note: you have to purchase the full version for this to work:

  1. Using Disc Utility on your Snow Leopard computer, create a Journal Extended partition
  2. On your Leopard computer, download and install SuperDuper! 2.6.2
  3. Register and pay for the full version (otherwise you won't be able to use the Sandbox mode)
  4. Copy your Leopard Macintosh HD to a Disk Image
  5. When prompted:
    1. Specify an image name on your external Hard Drive
    2. Use Read Only mode – it's the fastest
  6. Select using Sandbox – shared users
  7. Click Copy Now
  8. When the copy is complete you will now have a clone of your Leopard Hard Drive
  9. Install SuperDuper! On your Snow Leopard computer
  10. Copy your image to your new partition
  11. Click Copy Now
  12. When the copy is complete you will now be able to dual boot Snow Leopard and Leopard
  13. You can check to see if it worked by going into preferences in Snow Leopard and making sure both Startup discs are there.

This cloning process worked fine on the first try, it just took a few hours. When I booted into the Leopard partition for the first time on the iMac, I renamed the hard drive so I could distinguish it from the other drives. When SuperDuper! copies over the partition both drives will be called Macintosh HD. Don't rename the Leopard partition in Snow Leopard, this will cause problems. Also you don't rename the Snow Leopard partition at all otherwise the sandbox won't be able to share user information and you'll be unable to login. So far, the only problem that we've noticed running Leopard on the iMac is the airport card isn't recognized. This isn't a problem if you use the Ethernet connection but it could potentially be annoying.

Hopefully when Apple comes out with the successor to Snow Leopard we will be able to use SuperDuper! to create a new sandbox clone of Snow Leopard and then be able to run all 3 variations of OSX. You've got to hand it to Apple on computer designs; they're the best. The problem is they are the worst when it comes anything else – like software and compatibility.


Notes – New Info and Recaps:

  • We eventually found that Snow Leopard and Leopard deal with web security certificates differently regardless of the version of Safari.
  • The OEM discs that come with your product can only be used on the same type of machine. You need retail copies to upgrade non-exact replica machines. I.E you can't use the iMac's snow Leopard discs to upgrade a Mac Mini.
  • The 27" iMac only does video in with the mini Display Port using the Mini DisplayPort to Mini DisplayPort cable by Belkin and can't be daisy chained or converted.
  • The 27" iMac can't boot to older Mac OSX discs like Leopard, it just hangs.
  • The SuperDuper! sandbox partition of Mac OSX Leopard seemed to work fine on the 27" iMac except our wireless / airport card wasn't recognized. That didn't matter for us since we were hardwired.
  • We bootcamped the 27" iMac and put Windows 7 Enterprise on it so we could use it for more than a Mac testing box. Apparently Windows doesn't have the built in drivers for this version of the iMac screen and so as soon as you get to a certain point in the installation process, the screen goes blank. Before you attempt to install Windows 7, do a quick Google search, find the drivers and put them on a USB drive. When the installation starts you can press a key (I can't remember the exact one) to include the new screen drivers and avoid the problem from the start!

Sunday, January 17, 2010

Triple Monitor option for Dell Studio XPS 8000

I'd been considering adding an additional monitor or two to my Dell Studio XPS 8000 desktop since I purchased it a number of months ago. I already run two 19" displays so I'm maxed out in terms of the 2 video outputs (DVI) for my 1GB NVIDIA GeForce GTS 240 graphics card. I tried hooking up my TV using a DVI splitter but all that did was duplicate one video output to two monitors.

I assumed my only option (and a cool one at that) would be to add an additional graphics card to my computer. When I opened the Dell Studio XPS 8000's case I noticed two open slots for PCI and PCI Express 1x. Two other slots were currently occupied: a PCI Express 16x that housed my GeForce GTS 240 graphics card and a PCI Express 1x port that housed my internal wireless card. So to recap that's 1 PCI Express 16x port, 2 PCI Express 1x ports and 1 PCI port.

I decided to purchase an install a second graphics card in the PCI slot, just in case something cooler came along that I could then use the last PCI Express 1x port for. I purchased and installed a PNY Verto 512MB DDR NVIDIA GeForce 8400 GS PCI graphics card. Once I managed to fit the rather large card into the small space provided (thank you Dell), which required removing my wireless card temporarily, and connected the TV's VGA cable to the card the TV sprang to life. Windows 7 detected the new hardware immediately and within a few minutes I was up and running. No need for the accompanying drive software!

Now I can run Hulu Desktop on my TV and work all from the same powerful system! Plus if I had to work would be much easier. Have you ever tried comparing two applications, its much easier with dual or even triple monitors!

Thursday, January 7, 2010

Windows 7's "God Mode"

For the past few days I've seen countless blog posts touting a Windows 7's hack called "God Mode" that essentially allows you to create a shortcut to the control panel but with a simple list of services instead of the categories.

Here is the Lifehacker article.

I made the hack myself by putting it on my desktop. I created a new folder and then gave it the follow name: Control Panel Explorer.{ED7BA470-8E54-465E-825C-99712043E01C}. I thought the name "Control Panel Explorer" was much better than "God Mode" because it's technically more accurate. The "God Mode" shortcut doesn't really unveil any extra power, just a different way to organize the control panel. Anyways it's a small little hack that is quite handy, especially when you are used to Windows XP and going straight to the control panel area you want to look at.

Personally I hate that Windows 7 and Vista hide the View Network Connections window which "Control Panel Explorer" now let's me get to without problems. You might find the same benefits, just know there's nothing God Like about what you are doing to Windows!