Compare features and prices of different version of Windows 7 in India

Microsoft Windows 7 comes in 4 flavor in India. Microsoft Windows 7 Home Basic, Microsoft Windows 7 Home Premium, Microsoft Windows 7 Professional,Microsoft Windows 7 Ultimate.Microsoft Windows 7 Home Basic is only available in emerging economies and not in developed nations.
Version Feature Price excluding Tax
on 27 July 2010
Windows 7 Home Basic Standard Feature Rs 5,200.00
Windows 7 Home Premium Windows 7 Home Basic Feature + Windows Media Center + HomeGroup Rs 6,500.00
Windows 7 Professional Windows 7 Home Premium Feature + Windows XP mode + Domain Join + Backup on home or business network Rs 10,000.00
Windows 7 Ultimate
Windows 7 Professional + BitLocker + Switch between 35 languages Rs 10,550.00
If you are a home user and looking for Windows 7 on your PC you may choose between first 2 versions. If you don’t care about Windows Media Center to watch,rewind and record TV (You will need TV tuner card in your computer).Windows 7 Home basic will do all other stuff for you.
HomeGroup is new feature in Windows 7 Home Premium and above to share different media files over network among Windows  7 computers. Even you have more than two Windows 7 computers at home you can still network using Windows workgroup.So, there is not much value addition from Windows 7 Home Basic to Windows 7 Home Premium unless you watch TV on your computer.
For people who need to run Windows XP productivity software on Windows 7 you have no choice but to buy Windows 7 professional at least.
If you wants to use Windows  in English and Hindi on same install but just login on and login off,You may consider buying Windows 7 Ultimate.35 languages to switch between supported by Windows 7 ultimate are
* Arabic
* Brazilian Portuguese
* Bulgarian
* Chinese – Simplified
* Chinese – Traditional – Hong Kong
* Croatian
* Czech
* Danish
* Dutch
* English
* Estonian
* Finnish
* French
* German
* Greek
* Hebrew
* Hindi
* Hungarian
* Italian
* Japanese
* Korean
* Lithuanian
* Norwegian
* Polish
* Portuguese
* Romanian
* Russian
* Serbian Latin
* Slovak
* Slovenian
* Spanish
* Swedish
* Thai
* Turkish
* Ukrainian
Price source

How to Hide Facebook friends list

By default, Facebook shows your friend list to whole world. Many people don’t want to show their friend list to public.Business man may not want to show his contacts to whole world. There are other scenario as well, some people want to protect their friend list from stalker.Facebook has made visibility of friend list very granular.You can make your friend list visible to everyone (Default),restrict them to friend of friends or friends.You may even hide from everyone (yes!face book have included this feature).You may choose to hide friend  list from specific person as well.

How to restrict Facebook Friend list visible to friends only

  1. Click on Account menu ---> Click on Privacy Settings sub menu


  2. It will open Privacy Settings page.Under Basic directory Information section, click on link “view settings”


  3. It will open “Choose Your Privacy Settings” ----> “Basic Directory Information”. Under section “See my friend list”.You may choose among everyone,friends,friends of friends,customize. Choose “Friends” option if you would like to restrict it with friends only.facebook-basic-directory-information
  4. If you are too paranoid you may chose customize option. It allows you to restrict with one additional option “Only Me”.In case,you choose this option friend list would be hidden from everyone.On this screen you may choose to “Hide this from” as well." You may use hide this from to selectively hide it from chosen people.


Its important to understand these settings are for human only.For the application you have given access permission to you account they always have this info.

35$ Laptop Video at You Tube

Video of 35$ Laptop which was reported in last post .

Another Video

Report says 2 GB RAM.Its actually 2 GB Flash.

India unveils 1500 Rs - 30$ Laptop (notebook)-Picture

You might have heard about 100$ laptop project.They call it one laptop per child.India has come up with its own lower cost solution.Indian HRD minister unveiled a low cost access cum computing device. The price of device expected to be around 1500 Rs. (30-35$).This will be available to students through educational institutions by 2011.

The device runs on Linux and it won’t have hard drive but flash as storage.Device is expected to support

  • Video web conferencing facility
  • multimedia content viewer like  jpeg,.pdf,.png
  • Zip unzip utility
  • Internet browser with flash plug-in and javascript support
  • Productivity suite and computational software such as Open office,Scilab
  • Wireless communication I assume wifi driver
  • Remote device management capability
  • It says cloud computing option,I assume it means ability to work as cloud computing client.(Browser?)
  • Multimedia input-output interface


Government has setup under National Mission on Education through Information and Technology (NMEICT) to provide connectivity in Universities and colleges.They are also creating high quality educational web based and video content.This access device will help them to leverage this.

My thoughts:As cloud computing is growing with fast pace a connected access device will be more than enough to provide productivity suite to students.Also, as a few million student will start using Linux  in their college days thanks to this device,adoption of Linux will go more mainstream in India in coming year.As for students who will pass out from these institutions can work with Cloud and Linux access, device a bad thing for Microsoft (?).

Also, India should be part of 100$ laptop project.As they are open for ideas to globally reduce cost of computing for students.


Low Cost access –Cum-Computing Device Unveiled by Shri Kapil Sibal

Google Introduces policy management in Google Apps

Google Apps introduced user policy management for organization.Administrators can now divide users in organizational group and control access to user group for specific application. Organizational Group Sales can have access to Gtalk while Organizational Group Development would not have access to Gtalk.
For companies which already have active directory or LDAP.Google Apps directory sync will mirror this.
Currently, this is supported from Google APPS next generation Control Panel. This feature is starting to roll out to Premier and Education edition users at no additional charge. I checked with one of domain I have with Google Apps,its not enabled for the domain.Probably, Google may change this for not Premier users.They have not said anything in their blog about it,

Official Google Enterprise Blog: Introducing user policy management for Google Apps

View the Income Tax Credit Statement (Form 26AS) online free

Indian tax payers are privileged that they can view their Income Tax Credit statement online. Such facility is not even available to American tax payers.What is contained in Income Tax Credit statement viz form 26AS -
  • Details of tax deducted on behalf of the taxpayer by deductors
  • Details of tax collected on behalf of the taxpayer by collectors
  • Advance tax/self assessment tax/regular assessment tax, etc. deposited by the taxpayers (PAN holders)
  • Tax refund detail if any
Currently there are three ways to view your Income Tax Credit Statement – Form 26AS online
  1. Bye Registering at TIN-NSDL – That was first method introduced to view Tax Credit Statement online. The method is cumbersome and not exactly free.Step you need to complete at TIN-NSDL to view your tax credit statement are as follow
    1. Online Registration of Pan
    2. Verification of identity and authorization of PAN by TIN-FC – If,PAN holder selects a TIN FC to visit at his place for authorization, it will cost 100 Rupees.In case, PAN holder personally visits a TIN-FC of his choice for authorization it will cost you 15 rupees.Money probably is not an issue here but offline work makes the process cumbersome.
    3. View tax credit online
  2. Using online facility of your Bank - To provide this facility to net banking account holder, bank should get registered them self with National Securities Depository Limited (NSDL).Currently following banks have this facility.You should be able to view Form 26AS from online banking of these banks
    1. Citibank N.A.
    2. Corporation Bank
    3. IDBI Bank Limited
    4. Indian Overseas Bank
    5. State Bank of India
    6. Union Bank of India
  3. Registering for online tax filing – If your bank is not in the list, don’t be disappointed.Income Tax efiling portal allows a PAN car holder to register for efiling of the tax return. They have included the facility to view income tax credit statement online in “My Account” menu. Its not necessary to do efiling to avail the feature. Just register yourself with Income Tax efiling portal and you are all set.To register with them you will need following information.
    1. Pan card number
    2. Date of birth
    3. Your name
    4. Email address and some more info.
Once the account is activated you can log into portal and view Income Tax credit statement for free online.If this information was useful to you let your friends know as well.

Indian Railway PNR status on mobile via SMS using Google service

You might have used Indian Railways website to check your PNR status.Chances are you might have used 139 to find your PNR status as well.Google has a awesome service which lets you enquire about PNR status via SMS. It’s quick an instantaneous. Good thing about it is there is no premium charge or roaming charge associated with it.Only local sms charge applicable on your carrier will be applicable.

The number is 9773300000. No need to prefix 0 or +91. Send your 10 digit PNR number to this number you will receive PNR status.

You can even track your status. When your status is wait listed or RAC. You don’t have to send SMS every now an then.You may activate tracking of the PNR number as well.Google will update you as and when there is change, till date of your journey  date. To activate PNR tracking do the following.

  1. Send PNR to 9773300000.
  2. When you receive status of PNR, reply to SMS by sending “ON”.You are all set, as and when PNR status will change Google will update you.
  3. For some reason if you want to stop receiving status update for the PNR, just send “OFF” to 9773300000.

Google transliteration IME offline standalone installer hack : Install IME tool on computers not connected to internet

If you use Google transliteration IME, you must be loving it. For people whose English is primary language on internet but also want to work in language supported by Google transliteration IME,this is an awesome tool. From Google’s website
“Google Transliteration IME is currently available for 19 different languages - Amharic, Arabic, Bengali, Farsi (Persian), Greek, Gujarati, Hindi, Kannada, Malayalam, Marathi, Nepali, Punjabi, Russian, Sanskrit, Serbian, Tamil, Telugu, Tigrinya and Urdu.”
For people who are not aware of Google transliteration based IME, try Google Transliterate online tool. Online tool enables you to write in language of choice say Hindi when you have internet connection. Also, it transliterate only when you press space key on keyboard.While IME (Input Method Editor) suggests words in dictionary for every key pressed and works weather you are online or offline.Google Transliteration IME is becoming popular as we speak.
There is a problem
Google wants you to install Google transliteration IME in language of your choice only if you are connected to internet. Currently, installer downloads a wrapper stub executable. When you execute this file it downloads latest installer which let you install IME and deletes it after installation is successful. By doing this Google wants to make sure one always gets latest copy. But there is huge problem with  this approach.There are lot of computers which are not online. Particularly this is true for developing country like India.People are looking for this tool to install on their computer but Google doesn’t have standalone offline installer of Google Transliteration IME tool.Situation is also not good when you have to install the IME tool on multiple computer in the network as well.
Since actual transliteration IME installer is downloaded on to your computer by stub down loader, if you can locate the file you should be able to use it to install on a computer that is not connected on internet.In following paragraph it will be illustrated how to achieve this.For this tutorial to work you have to login on your Windows machine as a user who have administrative privilege on your computer. I will use Hindi transliteration IME installer,as an example you should be able to use it for other supported languages as well. Tutorial has two parts common steps and different methods to find actual installer on your machine.
Common steps:
  1. Download Google transliteration IME for your language. For Hindi 32 bit, selected option would be
  2. Save the file when prompted. It will download a file name googlehindiinputsetup.exe. For me on July 16, 2010 downloaded file size was 554 KB (567,624 bytes). 
  3. Locate googleinputsetup.exe and start the installer by double clicking it.Make sure you are still connected to internet.
  4. Based on you security setting on Windows machine, you may get a security warning, “do you want to run this file?” Click on
  5. Installer will connect to internet and would start downloading actual installer
  6. After download finishes, Google stub installer starts actual installer. First screen is End User License agreement.
Please don’t click next as we don’t want to install it this way. Now we need to find out location for actual installer on Windows machine.
Method 1 to locate Google transliteration IME offline installer
  1. Try to find out Google installed software directory. If you have installed any of other Google product before,find the directory of the install. On my computer Google products are installed under c:\Program Files\google, I will refer this directory for next steps.
  2. Browse to directory under  c:\Program Files\google and locate C:\Program Files\Google\Update\Download.
  3. You should see a directory (or more than one) with a very long name. This directory name will start with { and ends with }.Directory name will consists of four dashes (-) in it. In my PC directory name is {0FF3CE40-F329-483C-A3F5-03BFCC07A90C}.
  4. Go into directory specified in step 3 above and you should be able to locate a file named googlehindiinputsetup.exe. The name of file is same as that of stub installer however size is bigger. On my machine size of this file is 3.18 MB (3,337,200 bytes). That’s it, you found the offline transliteration IME for Hindi.Use it the way you need.Copy it to machines you need to install Google IME.Process should be same for other languages.
Method 2 using Windows Registry
  1. If for some reason you couldn’t able to locate the directory where Google software are installed, you should use windows registry editor to locate the offline standalone IME installer.
  2. Type “regedit” on command prompt, it will open registry editor.
  3. From menu Edit—>Find, search for Key MUIcache.
     MUIcache search
  4. It will search for first occurrence of MUIcache key in registry and would highlight it.Do a right click on MUIcache and press export.
  5. Export the MUIcache branch of registry in text file.In this example MUIcache.txt
    MUIcache export as text
  6. Open MUIcache.txt in a text editor, like notepad and search for term \Update\Download\.
  7. Eureka!! You found he complete path of standalone Hindi IME installer.Copy the file on a PC on which you would like to install.
  8. There can be many alternative way to achieve this, I illustrated 2 approaches. Hope it will help you in installing Google transliteration in a language of your choice.Did it work for you?

Indian rupee gets its symbol : What is next

You might have already read it, Indian cabinet has approved symbol for Indian currency, Rupee.The new symbol, designed by Bombay IIT Mumbai post-graduate D Udaya Kumar.


What is next for this symbol : Indian government will request Unicode Consortium to allocate new character in unicode for this symbol.It will take six month to a year to get this character incorporated by consortium.Once Unicode consortium assign unicode character for the symbol. Software vendors(including Operating System vendors) will incorporate this symbol by providing a key combination to access it for input. Hardware vendors may map this character on keyboard for easy access.Printer manufacturer may have to tweak their embedded software to recognize this symbol and Optical character recognition software  may have to take care of this symbol as well.

So, we can hope that after a year or two this symbol will be ready for prime time.

Domain Name for Dummies : How to make money from domain

Domain name is an address by which you identify a website on internet. Technically speaking all address on internet is in form for numbers like However, it would be difficult for human being to remember these numbers. So, concept of domain names cam into picture where some name like is registered and in turn resolve to number like example you can visit Google by typing in your address bar in internet browser. As you may see it is much easier to do it by typing .

Structure of a domain name : Domain name may look like or In, .com part is known as Top Level Domain (TLD), and example would be second level domain. While in is second level domain and Google is third level domain. .com and are also known as domain extension. There are some global domain extension like .com,.net,.org,.info,.biz etc. Some extensions are country specific like .in and are India specific, are for United Kingdom, .cn for China.

Global Top level domain : Global top level domains which ends in extension .com,.net,.org,.info,.biz etc regulated by ICANN. You may be able to register a top level domain from any of the ICANN accredited registrar or their resellers.Any one in this world can register a Global top level domain name.

Country level domain extensions : Every country in this world have a top level domain suffix.This is being assigned by IANA. Each country in turn have a registry which formulates policy related to country domain names. They also appoint registrar to register domain in their behalf.Some country do have restriction on who can register the said country domain name.You should get acquainted with policies of specific country before you decide to register a country specific domain name.

How much you need to Pay to Register a domain name : This varies extension to extension as well as registrar to registrar.However you should be able to register a domain for 1 year in less than 10$ for most of the domains.This is the domain cost which you would have to pay each year.This is cost of domain in primary market.

There is secondary market for domain : Meaningful domain names are internet real estate some of them are highly sought after that enhances its valuation. Others, bring traffic which can be monetized. Hence, if you come up with a domain that is no longer available to register you may buy it from existing owner. In this case you may have to pay a “premium” for that domain. Acquisition of domain from other domain owners is called acquiring it from secondary market. Why someone pays premium to acquire a domain?

  1. Brand Some names are just more memorable than other. For example,, gives extra edge to owners than anyone else selling dog supplies. Anyone visiting may find what they expected. These domains have high resale value. Chances that you may find such name at registration cost is negligible in .com. Such names are even may not be available in most of the extensions. 
  2. Keywords domain : Search engine optimization professionals are looking for key words domain in any category.People do searches on internet. now suppose a few thousands are looking for solar panels.Then, would have value. As it is highly probable that content related to solar panels will be placed in top position in search engine results. Google have a few tools which you may use to do keywords research.People have already done a lot of keyword research, so chances on an unregistered Good keyword is low. But it won’t hurt and to do some search and learn.
    • – This will help you in researching keywords that was being searched globally and a particular local market.It also shows advertisers competition for that particular keyword and related searches. If a domain name contains exact keywords and competition is high it has good value for SEO professionals. SEO (Search engine optimization professional) can use these name to create a website.These domain names are valuable.
    • Google Search Bases Keyword tool – This will help you find exact searches of a keyword and their advertisers bid.If it is 2-3 word keyword and have adequate search volume and good advertiser bid a .com domain would be lucrative.
  3. Type in Traffic domains : There are a few domains which people type in their browser address bar and expect a website. Such domains are called type-in traffic domain. These domains are valuable because people can place Pay Per Click advertisement  on such domains (also known as PPC) and make money. Question is how you find a type-in domain? Generally, generic and good keyword .com domains do attract natural traffic. This is also true for some of the country code tlds.From personal experience, I found Indians are typing for popular terms and as well as .in and sometime.How to find a domain with traffic, well it comes with experience, however, you may use as well. on click on siteinfo and put a domain name you want to verify the rank for, like It shows some traffic rank, however low, it may be. There is a good chance that that domain name have traffic. It doesn’t mean domains which doesn’t have alexa rank may not have traffic at all.Now, if you have a domain name with traffic there are many providers who allow you to park and monetize your domain. I prefer
  4. Residual Traffic – There are many expired domain that are associated  with an old website.It do happen everyday that a website owner lost interest or forgotten to renew the domain and domain expires. These domains do have back links. If you register such name you may get traffic for sometime. However, some sustainable residual traffic based on back link is sustained for a long period.These domains do have value as well.
  5. Also remember all the domain traffic are not equal, some keyword may pay you more than dollar per click and some may pay just 1 cent. It also depends on geographical location of visitor. A click from USA will generally worth more than a click from India.

               Hopefully, you must have got idea about why domains have value. If you have not entered in domain business consider many fact before making it a a source of income. First, if you have good budget you may acquire domains in secondary market and this article is not for you. But if you have low budget and can only acquire domains from primary market (means only at registration fee) then keep reading on. First thing first, if you come across a news that domain such that, etc are sold in multi million dollars, don’t get over excited. Such domains in .com version are long gone. Also, .com is most sought after extension because everyone knows .com. There are paid tools who let you catch expired domains in global TLDs. However, if two or more people are looking for same name you have to bid in auction so that will cost you more that just registration fees.

If you are new domainer look for alternative extensions as well. I am doing on and off domaining since 2001. I didn’t have much info about PPC and traffic domains till 2006. I have sold few domain names maximum I have got is 3500$.So I am not a big guy in this field. However, I found and .in brings good traffic. Now, I make 400$ to 450$ a month from parked domains.My cost of renewing domain is around 1000$/per year, it includes domain I am just renewing on speculation.Points to note is most of my traffic is Indian and Indian click doesn’t pay you much.

So, my point is if you can find out a way to get good traffic name or good keyword name you may still do good and earn some income from domaining. There are people who are dealing with expired domain in alternative extensions, where big players are not involved.They are registering good domains at just registering cost it self. So yes, you can still make money in domaining by either speculating on right domains or registering traffic domains to your benefit.You questions, comments?

Windows XP service pack 2 end of support : Upgrade to Service pack 3 IMMEDIATELY

Windows XP Service pack 2 end of support date has come.Officially support will end on 13th July 2010.Windows XP was released on 17th September 2004.While Windows Vista and Windows 7 are in market many people and organization still use Windows XP.What it means to Windows XP SP2 users is you will no longer receive security updates and patches if you are on on Service pack 2.It means you are vulnerable to viruses,malware and hacking attempt for any new security threat that is found later.If you have automatic updates turned on chances are you are on Windows XP service pack 3 already.
How to check windows XP service pack
Go to “Run” in Start menu and type “winver.exe” a window will popup.In version line you can see if it is service pack 2 or service pack 3.
If you are still running on Windows XP service pack 2, please upgrade immediately to service pack 3.
Please go to Microsoft Windows XP Service pack 3 download website and get it immediately. The requirement for service pack 3 is
  • Supported Operating Systems: Windows XP Home Edition ; Windows XP Professional Edition ; Windows XP Service Pack 1; Windows XP Service Pack 2
I am interested to know, are you  still using Windows XP?

Search for coupon near you using iGoogle Gadget for Google Coupons

iGoogle is Google interface where you may add RSS feeds from your favorite blog with Google search box.It might be your default Google page or you access it using link A few days back I noticed Google has added an iGoogle searchable local coupon feed based on location you provide. There is not enough inventory if you choose a location in India.However, choosing a USA based location shows you local deals on hotels,pizza,pubs,car repair, limo service, free lesson and what not. inventory has increased in last 4-5 days.What it does is it searches Google maps for businesses near your location that has special offers.

If doesn’t shows a widget named coupon for you here is how you may add it. Click on following link

And click Google coupons for iGoogle.It will try to detect your location and if can’t it may ask you to provide location information. If you are USA based you may choose your zip code like 08863 while people in India might try city name Delhi,India.



“Save” it.It will provides you a searchable interface with Coupon feed in your area.A nice utility hope soon it will have enough inventory in India as well.Did you like it? Did it show enough coupon inventory in your area? If you like the story share with other people.


Keywords : Google Coupon, Google Coupon codes,Local coupons

1and1 hosting review I have a complaint

When I was in USA I choose 1and1 promotional plan and jumped to 1and1 hosting.I even promoted them on one of my website.I am not a big time webmaster, didn’t care about how their customer support behaves (never got an answer from I used to like SSH access which they provide.

I moved to India, a few days back I asked them to change my country to India as one can’t change country from control panel.They asked me fill account change form and send them with driving license.

Hi There,
1. I am attaching account change request form.Kindly see new address under
"New Owner".Also, please manually change my country in account panel,as
I can't change country.
2.My driving license is enclosed.
Once you change country name in my account.please let me know.
Thanks and Regards,

Couple of days passed, no action what so ever from side.So I sent two reminders.Then guess what, what I got.

Dear Axxxxx xxxxxxx, (Customer ID: xxxxxxxx)

Hi, unfortunately we cannot change this account to an indian account
because we cannot change the card on file to Indian payment. You will
need to order a new account with your Indian details and an Indian card.
We have set termination on this contract for 30 days. Please order a new
account with your Indian details if you wish to remain a 1&1 customer.
Thank you.
Security Team
1&1 Internet, Inc.

The payment option was Paypal,And card was never came in question.Also, note here instead of asking anything about payment they did onside cancellation. I replied to that email couple of days back but have not heard from them.

Hi There,
I am amazed.Payment mode is no more card on file but Paypal.I have forwarded
you scan document of account change and Indian driving license to prove my
credibility.This was the document you have asked earlier as well. If you
have to terminate why not just create an Indian account and move my settings,
files and domain under that account. Its hard to believe it is so difficult.
Particularly, in control panel it explicitly says contact customer care
for change of country.Why suddenly you people realized it can't be done?Why
you earlier informed it can be done after I send those document?I need an
answer for all these?I am in IT I may move again to USA for that
sake UK,each time do I have to cancel my account and create a new one?That's
what are you saying?I need answer for this and a solution not termination
notice.Please advice,
Thanks and Regards,

When I searched for 1and1 hosting complaints internet I felt guilty for why not checking this earlier.They are one of biggest and worst hosting company. Customer care sucks and never reply, when you contact abuse team they do reply but with robotic answer.What the worst they have done that locked my account probably,because I can’t login into my my review of 1and1 hosting is avoid at any cost.

Spam in Gmail

Gmail has excellent spam filter.I use Gmail as my primary contact.I receive huge number of spam, because email from one of my primary domain is forwarded to Gmail account.The domain has been set as “catchall” email address as well.I use this email id for mostly domain registration.Since this means this mail id is exposed to whole world and spammers alike,getting huge number of spam is not a surprise.It didn’t bother me too much as Gmail catches all of them pretty well.However, since yesterday some smart spammer is spamming my mail id. I tried to mark those as “spam”,but not much success.I am still getting mails from the same spammer.Sender name is all of the spam is “BestMaleMeds On-line”. Sender email id is different each time and subject invariably start with word “Customer”.Then there are a long junk message with randomly selected word in message body.There are images and hyperlinks as well.Images are blocked by Gmail by default. When I did further investigation found

  1. Urls and links to images in different message points website different websites.
  2. These websites are possibly hacked.
  3. When I used Wget to get content of link, ALL messages brings same html page with following code.
    <head><script>location = '';</script></head>

  4. It seems some Viagra site is being promoted with hacked websites and spam emails.Google filter is probably  failing because-spammer are using different sender email id each time, embedding links from different websites each time and generating random subject line and body text.Probably Google can figure out spam by sender’s name “BestMaleMeds On-line”.
  5. I previously reported how my websites were hacked with possibly a unpatched Adobe Acrobat hole that lead to Filezilla password being stolen.
  6. Following are images of my inbox and one particular email. Google should come up with an algorithm to recognize random text as junk and spam.



Windows Live Writer Review as offline blog editor

Windows Live writer is a feature rich offline blog editor.Best part is its free and comes from Microsoft.First thing first, why to use an offline blog editor.There are many reasons to do that.

  1. I use Blogger for this blog, The editor at blogger is not easy if you have to create well formatted post, it becomes a pain.Try adding image in your blog using blogger, It doesn’t create link to the image.So, if image is big, a reader can’t just click and see full size image.
  2. It is easy to create ordered list and un ordered list in Windows Live writer.You can even create nested unordered list inside and ordered list.
  3. In Windows Live editor you may choose hyperlinks attributes easily like nofollow,open in new windows etc
  4. With WYSIWYG editor its easy to put a html table in your blog.
  5. You use add source code or consol output in you blog it has plug-in to help you format it better.
  6. When you are creating a long post it is hard to edit and maintain it in Blogger default editor.
  7. You cann’t track word count in Blogger default editor,Windows live writer helps you track word count as you type.

I used Windows live editor, for my last post having more than 2200+ words, I didn’t have to edit html source for more than couple times.Also, if you plan to edit html source itself,it is much easier to do in Windows live writer.Best part is that its free and do have some productive plugging you may choose to enhance your blogging experience. When I blog with Windows Live editor all I have to concentrate on content and not worry too much about formatting. Did you find this review helpful?

How to hack Gmail password and how to secure Gmail account

No I am not going to tell you how to hack Gmail account or Orkut account. I found on Google “How to hack Gmail password” is one of most searched topic on internet “how to” search.It implies that there are a large number of people who are trying to hack Gmail or Orkut account. I host a few websites since last 8 years and my hosting account been hacked three times already.It’s true that hacking a hosting account is quite different from hacking a Gmail account.But why I mentioned is because once you are hacked you feel the pain.And believe me if your Gmail account is hacked it will bring horror to you. Because most likely its primary contact email id for you and there are so many services linked to your Gmail id like Blogger, Adsense,Adwords,Google sites,Orkut, Google Apps etc list is quite impressive for being your account a target.A potential hacker can have two intention first, either hackers wants to monitor your email communication or take away account from you totally.
In coming paragraph you will get familiar with few common techniques used by hacker to hack your online accounts in common and Gmail account in particular.After that I am going to tell you what to do or not to do to protect your account and best practices to safeguard your Gmail.I will conclude with what should you do if your Gmail account is hacked.

Common hacking modes for Gmail account

  1. KeyloggerKeylogger is a software which is installed on a system to log key pressed. There are commercially available key logger in the market as well as a hacker may introduce a keylogger via Trojan, infected USB device etc. Key loggers can be installed on a system in a rootkit mode where you can’t see it in Windows taskbar.Additionally, these keyloggers can be configured to send log file using mail via SMTP.
  2. PhishingPhishing is most common method, to hack online passwords. In phishing a hacker sends email with link of a similar page you may see while logging to Gmail,however it would be not hosted by Gmail servers.Most likely, the link of Phishing site will be again on some hacked website.As soon as you enter login and password in such page hackers gets your password.
  3. Firefox Saved Password – If you have accessed your Gmail account on shared computer or a friend’s PC and saved password offered by Firefox, this can be read using Firefox Tools –>Options—>Security—>Saved Password screen.All one has to do is click on “show password”.
  4. Using simple security question is Gmail account – Google offers 5 default question and 6th option is to have your question. Five default questions in Gmail account are

    • What is your primary frequent flyer number – This question is good only if you have one.
    • What is your library card number – This is the info many will have access to,not good at all.
    • What was your first phone number – Again this is more or less a public information, people can do “people search” to find out all your numbers, possibly one of those is your first phone number
    • What was your first teacher’s name – Anyone who has studied with you or if someone has done social engineering  to find it out can guess it with some effort.
    • What is your father’s middle name – Again very weak hint.
                  Google should consider to make more secure default security questions.
  5. Getting password from less secured websites – Many people have habit to use single password everywhere Gmail, forum, small websites etc.Most of the website keeps your password in encrypted format. These password can’t be reverse engineered practically. But some of the website keeps password in clear text. How you can know if a website is preserving password in clear text.. When you choose forgot password option in websites that offers you to tell your password are for sure keeping your password in clear text.Generally, if a password is not saved in clear text website will give you option to reset password and would not send you your password. Now, suppose you share same password with a website that saves password in clear text as with Gmail account password,chances are someone who has access to user database on that website may steal Gmail password as well.
  6. Man in the middle attack – A hacker can intercept your communication between browser and Gmail servers using packet sniffers.They in turn can read “Session Id” used for a particular communication. Once a hacker succeed in doing that he can use your Gmail account without knowing your password.This kind of attack is possible in public wi-fi hotspot or if you have unsecured wi-fi setup at your home.

 10 Best Practices to protect your Gmail account

  1. Update your software and antivirus program – You should update your OS, programs like MS office, Firfox, Adobe acrobat reader etc to keep it updated with current version. This will secure your from known vulnerability in software. Hackers do target a security vulnerability once it is known. Also, use a decent antivirus, there are so many options available in market but few are better than others.
  2. Don’t open files sent to you by unknown source – Hackers may install key logger etc by sending you executables, pdf  file etc. So never open these files.
  3. Don’t install cracks etc from website or torrent – Cracks available on internet and torrents are full of spyware, keylogger etc. Unless you know what you are doing never use those files. They install spyware and root kits on your system.
  4. Secure yourself from Phishing attacks – When you get a link in email or Orkut or Facebook, make sure it is from genuine source.A hacker might send you link to something and ask you for login/password of Gmail.Site look and feel would be same as Gmail login screen but it will be not hosted at Google servers. Whenever you enter critical information like login/password, Credit card,Bank account etc make sure you check the address bar in your web browser. Its possible a page which looks similar to Gmail might be coming from something like following: or even bigger address.You are warned not to put your login password etc in these websites.
  5. Don’t save password in Firefox – This is particularly true if you are using a shared computer. Also, in case you are using a cyber cafe make sure you never saved password for your Gmail.
  6. Create your own security question is Gmail – As illustrated earlier Gmail default security question can be guessed with some effort. It is highly recommended to create your own security question whose answer is known to you only.This will be helpful in resetting your password if hacker has not modified your security question.For an example if you like banana just have a security question “fruit” and not your “favorite fruit”. Google have guidelines for security questions as well.

    Picking a good security question and answer:
    • Choose a question only you know the answer to - make sure the question isn't associated with your password.
    • Pick a question that can't be answered through research (for example, avoid your mother's maiden name, your birth date, your first or last name, your social security number, your phone number, your pet's name, etc.).
    • Make sure your answer is memorable, but not easy to guess. Use an answer that is a complete sentence for even more security.
  7. Have a different password on other websites – You might be visiting forums, dating sites, job sites etc. Don’t have same password on those sites with that of Gmail.This will protect you from your Gmail password, it will be safe even if database of those sites are hacked given they save password in clear text.
  8. Enable https on you Gmail account – A man in middle attacker may intercept your session id and access Gmail account. Enable https option in your Gmail. This may slow down your Gmail a little bit. So if you are using a slow dialup connection you may not like it. But if you access your Gmail from wi-fi hot spot its recommended you turn it on. Also, if you access your Gmail mostly on broadband you not feel the difference. To enable https access use following instructions.

    • Log in into your Gmail account
    • Click on the link “settings” – You will find it at the top right hand side of the page once you logged in.
    • On “General” tab look for the section “Browser Connection”
    • Check radio button “Always use https”
    • Go at the bottom of the page and look for button “Save changes”
    • Click on “Save Changes”
  9. Have alternative email and mobile number on your account – Google have option to have alternative email address and phone number in your account. Please do configure it and have a email id which has a different password and you don’t access it often.However, these options are only good to reset the password if hacker has not touched your alternative email id and mobile number. It’s entirely possible that hackers have got your password but they have not changed it but just monitoring you. You may change (configure) these setting by accessing following link    
  10. Forward your some of the important mails at another email account – Preventive measures are good. If you have not deleted your old emails send your some of the mails to a different email id. The mail you should choose to forward is the mail you got from Gmail when you signed up.The mail you get from Orkut when you signed up.THIS IS MUST DO FOR EVERYONE.This will be useful if you Gmail ever gets hacked.Better safe than sorry.

How to know that your Gmail account is compromised

  1. Password is no more working – When a hacker changes the compromised account’s password, your password will not work.You will know instantaneously as you can’t login. However, when hacker is just monitoring you he may not change the password.
  2. How to know that account is compromised when password is working -

    • Some of your mails are read even when you have not read it
    • Go to “settings” –> “Forwarding and POP/IMAP” – In the “Forwarding” section does “Forward a copy of incoming mail to” is configured to some mail id of not yours? It means account is hacked.Change password immediately.
    • Does POP/IMAP is enabled and “POP is enabled for all mail that has arrived since DATE”.Where date field is not blank even if you are not using POP.
    • At the bottom of Gmail page, Gmail gives you last account activity information. If you have something like below,it normal.It says you di d something with your Gmail 2 hours ago on this computer.
    • Now Let’s see what is different in picture below. It says account is open in 1 other location whose public IP is is suspicious unless you have opened another Gmail session on a different machine or Gmail in another browser.Even if it says last account activity at or some think like that, you may check it if you opened the account from office or other location.Generally if you are using an ISP the first 2 portion of dotted IP Address will remain same.This will change if you are using it from office at day time and at home in evening.
    • How to do an IP address lookup and find where my Gmail has been accessed from? There are sites which shows your IP address on internet.I will use website for further explanation.Go to the website, below the main widget in page, it will have string like “NQ Client Info - IP: - OS: win xp - Browser: fx 3.6.3”.Where is my IP visible on internet. This IP address belongs to my ISP. To query more about this IP address.Click on the “tab” ,” whois IP”.By default it will fill the text box with IP address you have accessed. Now click on > button.For me it brings like following information.I am copying pasting first few line here.It shows IP belongs to organization SIFYNET. They are my ISP. So I am satisfied.
% [ node-2]
% Whois data copyright terms

inetnum: -
netname:      SIFYNET
descr:        Sify Limited
descr:        Chennai, India
country:      IN
admin-c:      HS51-AP
tech-c:       HS51-AP
remarks:      -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks:      This object can only be updated by APNIC hostmasters.
remarks:      To update this object, please contact APNIC
remarks:      hostmasters and include your organisation's account
remarks:      name in the subject line.
remarks:      -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
changed: 20070827
mnt-by:       APNIC-HM
mnt-lower:    MAINT-IN-SIFY
source:       APNIC
    • No suppose IP address last accessed or open at other location belongs to someone on different ISP or in a different country, I have reason to believe that my account is compromised.What should I do in these situations, I should run a virus/malware scan on my computer and change my password and security questions immediately.
    • Now Google has even provided a better solution.In the images shown above there is a link called “details”.Go Gmail pagea dn at the bottom try to locate it and click it.For me it brings following information.First column always says browser, as I only access Gmail from web. I am safe. If you see other access method like POP3 while you don’t use POP3 you are compromised.If you see different IP addresses in second column,try to do lookup as explained earlier using .Google has a good guide about how to use this information. Last activity

    • Google sends suspicious account activity alert as well.I have not seen it so far,but have you got one?

What to do after account is hacked

  1. Account is hacked you do have access to your Gmail account – Run a spyware and virus scan on your computer.Once its complete, change password and security question of the account.
  2. Account is hacked and hacker has changed the password – This will be useful when hacker has changed your password but not security question or secondary email address in your account. Follow the link.
  3. Account is hacked and hacker is changed secondary email as well as security questions – In these situation the email forwarded to secondary accounts will be useful.Remember, I have recommended “Forward your some of the important mails at another email account”.You will be asked when you signed up for account.When you activated the 4 different services on Google.Use this link to request Google for assistance.
            So how was that?Did you find this post useful? Did I miss something then please point it out.If you like this post please refer to you friends,it will help them to keep their Gmail secure.Please be safe!
Technorati Tags: ,,

Pirated Movies domain,websites and cash seized

The government on Wednesday also took control of at least seven of the sites in question:,,,,,,,, and More than a dozen bank, investment, and advertising accounts were seized, and authorities served search warrants on residences in several different states.
Feds seize cash, Web sites of alleged film pirates | Media Maverick - CNET News
When writing this blog all 7 sites mentioned in the news are either replaced by by an image file or unvailable.

It is interesting to note that is registered in only Feb 2010 and has Alexa rank 533! wow. Whois info of only THEPIRATECITY.ORG has changed at the time of writing of this post.
Domain ID:D153506371-LROR
Created On:02-Aug-2008 03:58:43 UTC
Last Updated On:30-Jun-2010 21:34:53 UTC
Expiration Date:02-Aug-2011 03:58:43 UTC
Sponsoring Registrar:eNom, Inc. (R39-LROR)
Registrant ID:afilias155649
Registrant Name:Department of Homeland Security, Immigration and Customs Enforce
Registrant Street1:801 I St., N.W., Suite 700
Registrant Street2:
Registrant Street3:
Registrant City:Washington
Registrant State/Province:DC
Registrant Postal Code:20536
Registrant Country:US
Registrant Phone:+1.2027322000
Registrant Phone Ext.:
Registrant FAX:
Registrant FAX Ext.:
Admin ID:afilias155649


Paypal Bank Account verification no more for India

Previously when you used to add an Indian bank account in Paypal,they use to verify it.Process of verification was that Paypal used to deposit two small amount in your bank account. User was suppose to put those amount in Paypal verification module.

After resolving issue with RBI it seems they have withdrawn the verification process.My take is that you are now suppose to provide reason for bank withdrawal. Now when you add an bank account,it is instantaneous and it's status is "Primary" (if it is first bank account).

However, you you click on "status" link shown in above image, it still refers to old procedure.

Note: there is no more confirm button against bank account.Refer first image.
 What does it mean to you? I have not seen it on Paypal blog but possibly you no more can verify your Paypal account using bank details in India.You will need credit card verification in this I suppose.Any new user to Paypal, what was asked to you?
 Secondly, if you would like to withdraw money in your bank from Paypal,make sure bank details are correct,otherwise Paypal with deduct bank charges and other fees.As per Paypal -
Note:Please make sure that the information you provided is complete and correct. Otherwise, the amount will be returned to your PayPal account (deducting any bank charges) and a return fee will be charged.
One interesting development for Indian users, paypal is asking for PAN(Permanent account details) for users in India.So it seem like you may have to mention Paypal transactions in tax filing.
Are you using Paypal account in India? Have you seen these changes?

How to add/modify SPF record using CPANEL-Gmail for domain SPF

SPF stands for Sender Policy Framework.One can create SPF for a domain.It specifies which mail servers are permitted
to send mails on behalf your domain.Some mail servers don't accept incoming messages if it is coming from a domain that have no SPF record. So it's good idea to set it.

CPANEL - is widely used control panel on commercial Linux hosts. To setup SPF record for domain.
  • Login into Cpanel by tying where is your domain.
  • To write this post I logged into Cpanel where Cpanel version is 11.It is displayed at top left hand corner of the cpanel.
  •  Now look for section mail
  •  Under mail look for "Email Authentication"

  • Click on Email Authentication - Email Authentication in Cpanel
  • Under SPF section status would be Disabled - Click Enable button.It will lead to following page
  •  By default current host is included in SPF record. Click on "Go Back" and you can see following. SPF record added.
  • Now, You want to add "include" Google as email sending entity.Make sure before you start this SFP enabling you have already pointed MX record to Google mail exchanger.
  • Now Go to "Include" section on SPF record configuration page add click "Add".A popup window appear put following value
    Gmail for domain SPF record Added using CPANEL 
  • By default Cpanel appends "?all" at the end of SPF record.This is as good as none.If you are sure you would not send mail other that your hosted IP and Google Check "All entry (ALL)".
  • Click Update. It will bring a status page
  • SPF has been enabled.
    Your raw SPF record is : v=spf1 a mx ip4: -all
  •  -all at the end that means all other hosts in the world which will try to relay email on behalf of your domain will be rejected.

Filezilla Security Issues - Hackers are exploiting it

 I love filezilla, but what happened this month will make me to rethink if I need another ftp program. I am using filezilla client on my PC. Suddenly one good day when I tried to access one of my website,Firefox gave warning as "Reported attack page". When you see this type of issue with your webpage your heartbeat increases.It means youe Web server is hacked!!

I used wget tool to download default page of the concerned web SITE.Found page was infected with 2 identical pieces of javascript code.One at the top of the page other at the bottom.

<script type="text/javascript" src="" type="text/javascript">

I logged into my server and found index.php page was infected. I cleaned it. But no luck, on client side still there were malicious javascript code.I searched in that virtual directory.And found all index.html, index.php and .js (Javascript) file had it.My intial thought was that probably that hacker might have exploited security hole in Xoops.I was using open source CMS xoops on that website and haven't updated the installation for nearly couple of years.My assumption was they might have used backdoor script for the attack.
I started looking into logs.First I tried to figure out from access log.No luck.Then what I saw big ftp log files in log directory. When I opened it I was amazed,I didn't log using ftp in last few month.But ftp log was showing files being uploaded from numerous different IP addresses.As I have not used ftp for last many month I didn't thought my desktop might be culprit (when you are running antivirus with updated you assume you are safe,huh).I contacted my hosting provider and informed them that probably the box is being exploited and compromised at their end.After a few mail exchange what I found was beyond my imagination.
My desktop was infected with a variant of Gumlar.
Possibly my antivirus couldn't catch a pdf security hole and password was stolen from FILEZILLA. Filezilla makes hacker life easy.It saves ftp site configuration in xml and password in clear text.I wish I would have known it before.I would have not bothered to save password in filezilla then. Apparently Filezilla has no plan to encrypt the password.This is unbelievable.I agree our antivirus should catch these stuff but why make hacker's life easy. In my opinion password saved in filezilla should be encrypted.Or atleast they should warn user when one try to save password in Filezilla.If you want to know which file is used to save password it is C:\Documents and Settings\<username>\Application Data\FileZilla\sitemanager.xml .Where <username > is your windows user name.
So lesson is never save password in Filezilla or probably look for other alternatives.

, ,