PKNIC Domain Expiry Policy
August 16, 2009
Filed under Investigations, Pakistan IT, Scripts
Tags: Domain Expiry Policy, PKNIC
A few months back, I was looking for some COOL .pk domain for my personal page. I was fortunate enough that I got a domain name of my choice and It was about to expire in a month. According to PKNIC policy, they hold the domain for 2 weeks after expiry period.
In the event of non-payment of domain maintenance fee by due date PKNIC in its sole discretion shall de-activate such un-paid domain and offer this expired domain to third party for re-registration on pre-payment on a first come first served basis, after a hold period of two weeks after domain de-activation. The defaulting domain owner can pay and re-activate the expired domain within the hold period. Ref: http://pk5.pknic.net.pk/pk5/pgPolicy.PK
I noted down the expected expiry date plus hold period. Luckily, domain was not renewed by then. I went to register this domain but I was told that you cannot register this domain until PKNIC releases it.
This domain was registered after a month of expiry + hold period by someone else 
Recently, I found another cool domain name. This time the domain was expired in June 
but again not available for registration. I was told by one of the PKNIC partners that they release the domain whenever they want to :S
I decided to calculate the average time of release for each domain. I collected the list of more than 5000 PREMIUM .PK DOMAIN NAMES and wrote down a script to check their status. The results were totally random :S. PKNIC decides fate of each domain individually.
There is a domain which was expired in September 2008 but it is still not available. Please check the status of lit.com.pk
Solution:
PKNIC is not going to respond to our emails and phone calls.
I have written down a script which keeps on checking the status of my favorite domains and emails me when they are available 
Feel free to use the script: http://pknicnotifier.appspot.com/
SVN commit to Google Apps email notification
April 8, 2009
Filed under Scripts, Tips & Tricks
Tags: Google Apps, hook-script, Python, SVN
I had a sensitive SVN repository, where I want to get notification of each commit as an email to my Google Apps email address. There are a few post commit hooks available for SVN but they did not satisfy my requirements as they use sendmail to send email and I want to use secure SMTP provided by Google apps. So, I changed the example python script a little bit. Here are a few steps to achieve this functionality:
- Get the example mailer script from:
http://svn.collab.net/repos/svn/trunk/tools/hook-scripts/mailer/
and save to some place like: /usr/share/subversion/hook-scripts/mailer/ - Rename the “mailer.conf.example” to “mailer.conf”
- Edit the mailer.conf
- Uncomment the line smtp_hostname = localhost
and change it to smtp_hostname = smtp.gmail.com - Uncomment smtp_username = example and change example with YOURNAME@YOURDOMAIN.com
- Uncomment smtp_password = example and change example with your real password.
- Add following two lines:
smtp_port = 587
smtp_use_tls = 1 - Set the from_addr, to_addr and reply_to variables.
- Add the map settings if you want (optional)
- Uncomment the line smtp_hostname = localhost
- Edit the file mailer.py
Modify the finish method of SMTPOutput class and replace it with following code:server = smtplib.SMTP(self.cfg.general.smtp_hostname, self.cfg.general.smtp_port) if self.cfg.is_set('general.smtp_username'): server.ehlo() if self.cfg.general.smtp_use_tls: server.starttls() server.ehlo() server.login(self.cfg.general.smtp_username, self.cfg.general.smtp_password) server.sendmail(self.from_addr, self.to_addrs, self.buffer.getvalue()) server.rset() server.quit() - Now goto “hooks” directory in your repository and make a new file as “post-commit”
- Chmod “post-commit” to 755
- Edit the “post-commit” and enter following contents:
#!/bin/sh REPOS="$1" REV="$2" /usr/share/subversion/hook-scripts/mailer/mailer.py commit "$REPOS" \ "$REV" /usr/share/subversion/hook-scripts/mailer/mailer.conf
Shaadi.com: Spammers or poor security/privacy implementation
Before I start, let me make it clear that I never registered on any dating/matrimony site.
Today I got an email from Shaadi.com with subject “Welcome to Shaadi.com”, congratulating me on registering at Shaadi.com (which I never did). Mail addressed me with (My email local part)_2009 (common practice of many spammers) and contains a password (normally registration emails do not contain password). I ignored this email like all other spam emails. After this I got a few more emails with subjects like “Your Shaadi.com profile is under Screening”, “Your Shaadi.com profile has been Activated” and more interestingly “Congratulations! ********* has expressed interest in you” 
. This made me investigate the issue.
I immediately opened Shaadi.com and looked for something like support/help. Luckily, I found the link 24/7 help and Mr. Mohit was there to help me. Here is brief conversation between me (with a fake name) and Mohit:
me: I just got an email that I have been registered at Shaadi.com and my profile has been activated
me: but I never registered for this siteMohit: Hello (My fake name)
Mohit: I am Sorry for the inconvenience caused to you.
me: dont you people verify the email?
Mohit: May I have your email address
me: Sorry, I cant share it, because I dont want more spam, just tell me dont you verify email after registration?
Mohit: I am Sorry, we do not have that.
Mohit: Please let me know the Email I remove the profile.
me: so I can register a Shaadi.com account for barack obama? (lolz :d)
me: just give me the link to remove my profile I will do it my self (I couldn’t find it anywhere on their site)
Mohit: you may delete the profile yourself by clicking on the link given below:
Mohit: http://www.shaadi.com/my_shaadi/delete-profile.php
me: ok,thanks
Mohit: Thank you for using Shaadi.com Chat Service. Please feel free to contact us on our Tel no 1860 500 3456 or Tel: (022) 44883456. Standard Charges Apply
I made an dummy account on shaadi.com and opened the delete profile link to test it. I got this error:
The following error/s were found. Please go back and correct the same.
(My dummy account)’s profile does not exists
If the error message persists please note the error details and write to Customer Support
I opened the the 24/7 chat again and Mr. Mohit was there again for help.
Please wait for a site operator to respond.
You are now chatting with ‘Mohit’
Mohit: Welcome to Shaadi.com Live Help service.
Mohit: How may I help you?
me: I just checked the link you provided with a dummy account, and it is not working http://www.shaadi.com/my_shaadi/delete-profile.php
Mohit: You have to login to account than only it will work
Mohit: As you have not created the account you will not be able to Login
me: I am logged in with a dummy account
Mohit: Can I know the Profile id?
me: (My dummy profile id)
me: i created this just for testing this link
Mohit: Thank you for waiting. I’ll be with you in just a moment.
Mohit: Profile is under screening and it is not online
Mohit: for the same you received the error.
me: so, I cant delete it untill the screening is done. right?
Mohit: I’m sorry for the delay. I’ll be right with you.
Mohit: Yes
me: so the screening process does not include verification of the email id?
Mohit: If the Email is bounced back to us than we verify the Email.
me: by verification i mean originality, that this email id belongs to the person who is registering
Mohit: Yes, I understood.
Mohit: But we do not have the feature currently.
me: ok, thanks, now please answer my other question
me: if I provide you with my userid or email, can you tell me the time and ip address of registration?
Mohit: I am Sorry, I will not be able to provide you with the insights.
Then I logged into the site with the username and password in welcome email and I was amazed to know facts about me like I have only 1 brother and 1 sister, my birthdate, I am a UK based Indian, My native language is Kashmiri and my phone number is +91-9906765046.
Conclusion:
How they are spammers?
- Usernames which include local part of your email address are normally used by spammers (My real name was not written anywhere in email or on my so called profile), so most probably they got my email address from somewhere and used the local part (before @) of my email address to welcome me.
- No proper service will ever email you with your password in registration email. They provided me with a password because I didn’t know it.
- All information in my so called profile was fake.
- They do not have a link like “If you did not register for this site please click here” or “If you did not register, please ignore this email”.
- My so called account got activated without verification of my email address.
- They do not have a delete profile link anywhere in email or on help pages of their site.
- Customer support is unable to disclose my time and IP address of registration (This might be their policy).
Other privacy issues with this site?
- I can register an account for Barack Obama and set his profile.
- If he has deleted the “Welcome to Shaadi.com” email, he won’t be able to modify/remove his Shaadi.com profile ever. Because the forgot password page will ask for his birthdate (which is fake in this case).
- Until the profile is approved, you cannot delete it.
- If Shaadi.com is not a spammer, then sending password in welcome email is a serious security issue.
Now twitter in Pakistan with a local number
Last year twitter stopped delivery of outbound SMS over its UK number because of its huge cost. This means that if you do not live in US, Canada or India, you are not going to get twitter updates Twitter admin managed to reduce their cost of operations and actually get little bit of money in these countries by establishing a reciprocal relationship with local mobile operators. I dont know why, but I am sure that no Pakistani cellular operator will ever make such relationship with twitter :S (any operator rep. reading this??). So, the only solution left is to use m.twitter.com or iPhone to get updated on your cellular device.
I was planning to make an application for Pakistani users to use twitter via local number and get updated via local SMS. Today, Yaser invited me to the iSMS twitter service for Pakistan. This simple application allows you to change your status using a local number making it cheaper.
You can see this message in your iSMS settings page. Click on the Integrate your account link
Enter your twitter username and password
Updated status on twitter
Enjoy tweeting in Pakistan
14 Tips for startups
- Most important thing for startups is to focus as they dont die of starvation but they die of indigestion.
- It needs to offer a pain killer not a vitamin to its customers.
- You need to innovate besides technology on your business model, in the software arena software as a service did that.
- You need to have some kind of unfair advantage in customer acquisition (network effect, viral loops or even doing unfair generation of demand what youtube did and we know how they did it)
- To monetize you need to have huge scale or a highly monetizeable category otherwise anything in the middle is death.
- Till you reach scale where you need a lot of money for servers and bandwidth, you dont really need a lot of money. If you think you need a lot of money for marketing then you are making a mistake.
- Do NOT focus on engineering and optimizing viral loops.
- Do NOT focus on things like contact importer or spaming users as your method of customer acquisition.
- DO focus on core values that potentially becomes better as more users use it.
- DO focus on core behaviors like warning to share the content that you are originating or creating.
- DO focus on allowing people to give feedback whether it is the content that is created by other users or it is the content that is created by you.
- If you look where the internet is growing, it in the emerging overseas markets which excludes US, Europe and Japan. Rest of the world is growing by almost 2x the numbers of the developed world.
- A people hire A people, Bs hire Cs and Cs hire Ds.
- Needs to be extremely capital efficient as very few companies going to have exits above 200M$. Most of the startups are exiting between 50-100M$.
Source: The Internet
ZoNG – Another hope for iPhone in Pakistan
September 26, 2008
Filed under Pakistan IT, Telecom
Tags: china mobile, iphone, pakistan, zong
China Mobile is expected to launch the ‘cut-down’ version of iPhone shortly. Wifi and 3G will be disabled in this version to comply with Chinese regulations. According to foxconn (Apple’s Taiwanese manufacturing partner), China Mobile has asked Apple to remove Wi-Fi and 3G networking from the iPhone for its launch in China. [News]
ZoNG is the only overseas operation of China Mobile. Previously, Warid Telecom was expected to launch iPhone in Pakistan; as SingTel owns 30% of Warid Telecom shares and it secured an agreement with Apple to distribute iPhones in Singapore, India, Australia and Philippines. Unlike Warid Telecom, CMPak(ZoNG) is 100% subsidiary of China Mobile. So, it makes sense that it will launch iPhone in Pakistan as well. Let’s hope that instead of showing iPhone in its TVC, CMPak will do something practically.
MCB website – Down or hacked?
I am unable to open the official website of Muslim Commercial Bank for last one week. I tried contacting the bank officials, but they have no idea about this. MCB is one of the few banks in Pakistan which offer virtual banking.
Currently, mcb.com.pk is accessible and this notice is displayed on their homepage. All other pages are still inaccessible.
www.mcb.com.pk is still inaccessible within Pakistan; however I was able to open it using some proxies. Traceroute using different servers shows random behavior. In major cases the destination is unreachable. Seems like an attack on the website.
How to download slideshare slides?
July 27, 2008
Filed under Scripts, Tips & Tricks
Tags: firefox, greasemonly, hack, javascript, slideshare
UPDATE: Support for this script is officially closed. You can now use online tool available at http://www.slidzy.com/ to download your favorite slides in Power point(PPT), Acrobat (PDF) and SWF with a much requested offline flash player for SWF slides.
Today I was looking at Mohtashim’s presentation on Human Centric Design presented at P@SHA Career Expo. I liked the presentation so I decided to download it for offline reading. But there was a download restriction :S The slides were not available for download. There are many nice presentations available on slideshare which you cannot download
I wrote a small script for Greasemonkey which helps you in downloading the slides. You can find the script here:
http://userscripts.org/scripts/show/30646
It will replace “Download not available” text with a download link The download link will display links to individual slides, now you can download them all.
Update [Nov 05, 2008]: A small change in class name of “Download not available” link caused problems in the script. It is working fine now.
Update [Nov 22, 2008]: A minor change in a class name again. Script is updated. Enjoy downloading slides
Update [Jan 11, 2009]: Script is working again
Update [Jan 26, 2009]: Class names were changed again :S and the script is working again
Mobilink launching iPhone or is it jailbreak?
Mobilink just showed iPhone in their latest tv commercial. Are they going to launch it or is it just a jailbreak version like other iPhones in Pakistan?
