Crazy Visual Studio: “No files were found to look in. Find was stopped in progress.”

This is the second time I have faced the same problem... No gurrantee that it won't happen for third time. So here come my tips to solve it. The problem is, in Visual Studio 2008, whenever I tried to find someting in files, after clicking find I got a reply "No files were found to look in. Find was stopped in progress.”. Being stupid and superstitious, I restarted visual studio, din't work. Then restarted machine as well, din't work. Now its time to think logically. Asked my best friend - Google, for solution. He gave me this, this and THIS!!!.. In short: the solution is, press Ctrl+Scroll Lock and everything gets back to normal. If it doesn’t work, try to press Scroll Lock and than hit Ctrl+Scroll Lock again. I have no idea why or how it works, but the fact is that it does solve the problem, if anyone knows what happened here, please leave your comment and share your knowledge with us. This is a very strange and odd bug indeed, I must say.

OS X: Ten Boot Options for Leopard

Multiple shortcuts exist for the various methods of booting Leopard. These ten boot options range from essential debugging tips such as verbose and safe modes to dual booting options.

To use these boot shortcuts or commands, hold down the bolded keypress while your system is booting up. If it does not work, you probably did not start holding down the key (or key combination) soon enough.

shift – Safe Mode

Booting with the shift key depressed starts OS X in Safe Mode with Account preferences ignored and unessential kernal extensions / kexts disabled.

option – Startup Manager

Booting with the option key depressed starts OS X with the Startup Manager which allows the user to select which OS or partition from which to boot.

Mouse button – Eject Media

When the user boots with the mouse key depressed, any media in the drive such as a DVD or CD is ejected.

cmd v – Verbose Boot

If this key command is held down when booting, all the startup messages that are typically hidden will be displayed. This is an excellent method for debugging booting issues.

c – Boot from CD/DVD

Booting with the “C” key held will tell the system to boot directly from a CD/DVD in the drive.

t – Target Mode

If the “T” key is held during the bootup, the computer will be placed in target mode. This basically allows the computer to be accessed by other systems as a FireWire drive. Other computers can read, write, or mount the target mode system just like any other FireWire drive.

Other Bootup Shortcuts —

cmd s – Single User Mode

x – OS X Force boot

r – PowerBook Display Reset

n – Boot up from NetBoot Server

[courtesy:www.tech-recipes.com]

KGEC - The Beginning, my first iMovie project

This is something I wanted to do for a long time. But could not make it till last night. Finally I am here with my first iMovie video. But life was not that simple to get it done. I had a tough night learning and fighting with the features of iMovie to get what exactly I wanted. Could not find it helpful while editing the audio for it. Thanks to Chandan, he helped me with this by introducing me to Audacity . Also since I was trying to edit an mp3, I had to download LAME MP3 encoder along with audacity. Yah I know, I know, it is going to be little technical. But that is just to express my emotions. I am really happy that I made it finally. Still long way to go. Wait n watch, there are a lot to come yet.

YAF - Yet Another Forum

I was given an opportunity to set up a technical forum where people can discuss about technical stuffs. I was looking for ways to start and obviously my first preference was something open source. Thanks to Gautam (my colleague) to introduce me to YAF - Yet Another Forum. It is a .Net based open source forum control written in C#. It is really great. It was so easy to deploy, I was amused. I just simply loved it. The source is available here and the wiki as well. The funny part is there is also a forum about "Yet Another Forum" where people discuss about it. This seems like a snake eating herself from the tail, hehe. (Bad Jokh). But the moral of the story is I am impressed with such lovely open source tool with such a huge set of features. Kudos to all who are behind its creation.

ClickJacking and video chat

Recently I was reading about various vulnerability in web world and found this buzzword "Clickjacking".  The founders Jeremiah Grossman and Robert "RSnake" Hansen planned to demonstrate this serious vulnerability involving all major browsers during a presentation scheduled for OWASP's AppSec 2008 Conferencein New York. But they cancelled that as Adobe requested them to to postpone it. One of Adobe's software is also vulnerable to the same and they want more time to fix it.

According to RSnake:
"Alas, it turns out that some of the issues we found weren’t just a little bad - they were a lot bad. So bad, in fact, that we felt compelled to do some responsible disclosure. One issue lead into another issue into another and poof - we have at least two and probably more incoming vendor patches at a yet to-be-determined date. And we’ve only worked with a few vendors. So… yah. It’s pretty bad."

It sounds pretty bad.

"Also Jeremiah started off with a brief introduction on what clickjacking is. In a nutshell, it’s when you visit a malicious website and the attacker is able to take control of the links that your browser visits. The problem affects all of the different browsers except something like lynx. The issue has nothing to do with JavaScript so turning JavaScript off in your browser will not help you. It’s a fundamental flaw with the way your browser works and cannot be fixed with a simple patch. With this exploit, once you’re on the malicious web page, the bad guy can make you click on any link, any button, or anything on the page without you even seeing it happening. “A normal user wouldn’t have any idea of what is going on. People in this audience may see something a little different from what they would expect and you would definitely see the results in the page’s source code.” Ebay, for example, would be vulnerable to this since you could embed javascript into the web page, although, javascript is not required to exploit this. “It makes it easier in many ways, but you do not need it.” Use lynx to protect yourself and don’t do dynamic anything. You can “sort of” fill out forms and things like that. The exploit requires DHTML. Not letting yourself be framed (framebusting code) will prevent cross-domain clickjacking, but an attacker can still force you to click any links on their page. Each click by the user equals a clickjacking click so something like a flash game is perfect bait" (courtesy Web Admin Blog.).

Also there is a mail to OWASP community from RSnake regarding the kid of impact it might have:
"As the OWASP event organizer, this critical issue does deserve your attention. I am sure if your browser, video and microphone was taken over by someone who wanted to conduct surveillance, industrial espionage or hack your system and use the vulnerability against you and millions of users you would want to fully understand the threat. Well this is in fact the situation described below and I believe that a information security conference with industry peers from around the world IS the place to discuss/debate topics such as these and they should NOT be suppressed by anyone." (courtesy ZTrek)

The conference video:



According to Hansen, the threat scenario was discussed with both Microsoft and Mozilla and they concur independently that this is a tough problem with no easy solution at the moment. Grossman confirmed that the latest versions of Internet Explorer (including version 8) and Firefox 3 are affected. In the meantime, the only fix is to disable browser scripting and plugins.

More details and FAQ has been covered here (Must Read).