The Need For a Ninja Proxy

June 24, 2011 security
No comments

Be A Real Internet Ninja

Protecting yourself online has never been so important.  The need to use common sense and adequate security and privacy tools is vital.   If you’ve come here looking to become an online ninja, surfing securely through the electronic ether well perhaps I can point you in the right direction.

But First the Danger

Finding any sort of anonymity is difficult online, you’re tracked and logged through your ISP, company firewalls, web sites you visit and a thousand other devices in between.  Your IP address can be tracked back to the very PC you’re sitting at and the logs stored and backed up in your ISP contain virtually everything you’ve done online for the last two years.  When I say everything, I’m not kidding – and yes it does include the fact that you watched the Kylie Minogue Agent Provocateur ad 6 times in a row last Friday when you came home from the bar.

Now the Inconvenience

Sometimes it’s not actually the paranoia (oh and yes they are watching you), but the inconvenience that drives people in search of a Ninja proxy to surf through.  This is down to the increasing pervasiveness of a system called geotargeting – I’ll add a better description of this but it’s basically the way that websites restrict what you can watch depending on your location.

You’ve probably seen it in action -

  • Want to watch BBC Iplayer but are not in UK – Sorry blocked by IP address
  • Catch up on some shows on Hulu while on holiday in France – Nope blocked by IP address
  • View the news on ABC whilst in Canada – Nope blocked by IP address again.

The real list is much, much longer – from accessing Youtube, just about any big media site, or if you’re unlucky to live in a country where it’s considered bad for you to access Facebook  - it’s likely you’re going to get blocked for not having the right IP address.

So people are fed up with being blocked, monitored, logged and basically having their online experience controlled and analysed – so they look online and read about ninja proxies.   What they find is loads of web pages called Ninja something or other and a basic install of a web proxy called Glype.  They will promise you all sorts of super, secret ninja surfing via their little browsing frame – but I’m afraid it’s not true.

Computer Admin Watching Someone Search Through a Ninja Proxy Site

The Truth About Ninja Proxies

Unfortunately that’s what the majority end up doing, searching in Google and finding some Ninja web site or something like that.  In the middle of the page their will be a little box inviting you to search via their site – something like this

Not Really Ninja At All!

Is it secure ?

In a word – No.

Well if you trust a complete stranger who has set up a free server, installed Glype and covered it in ads – to look after your data then of course it’s fine. It doesn’t bypass most firewalls, it certainly doesn’t give you anonymity – it does add many more risks to your browsing.

For those of us who prefer reality it’s a complete waste of time, all you are doing is funneling your data through another unknown, insecure point.  In some circumstance the setup may obscure your IP address slightly but that’s about it – you also be leaving yet another log of your activities on this guys server.

Don’t think you’ll be able to stream previously blocked video either like BBC Iplayer or Hulu because you can’t watch these through a little Iframe window and besides the servers are normally basic ones that would struggle to stream video to one person not the thousands who’ll probably be trying.

The real ninja proxy experience will obscure your IP address completely through an advanced network of high speed, highly secure servers across the planet.   It will be high speed and high performance allowing media streaming direct to your PC from wherever you are – so watch the BBC Iplayer or Hulu or any site you care to try.

It can be set to automatically switch your browsing data across to a different server across the globe every few minutes.

But finally it will also encrypt your data meaning that you really can be anonymous, your ISP logs included.  In fact  the only readable logs of your online existence are briefly on the secure servers and are deleted immediately.

You can find it here.

Proxy Avoidance – An Introduction

May 17, 2012 content filtering / technology
No comments

So what does this mean to you? Proxy avoidance? Aren’t proxies used to help you keep your privacy – why would you want to avoid them.   Unfortunately there are some proxies you really should be looking to avoid.  Just using a proxy means absolutely nothing, it’s a bit like saying you are environmentally aware because your car happens to be colored green.  Proxies can enhance security but equally they can also be used to steal all your details and finance a Russian cyber crime gang’s Christmas party.

Bloody Spoilsports !!

 

So should you use or bypass a proxy server – well it really depends on a couple of factors – who’s running it and how it’s set up.

For instance I recommend a couple of proxies/vpns on this site – both of them don’t keep logs, they don’t monitor traffic and delete pretty much everything.   However this is not the case for the vast majority of proxies – some are actually designed to monitor you and control what you can or can’t do online.

The one thing you should remember is – that if you use a proxy server, then all your data is being channeled through that server.  Which is why most businesses make sure their employees surf the internet through a proxy.   They control and configure the proxy so that they have full control of what you do online on their time.

So let’s just be clear, if you are being blocked from accessing your favorite site at work, school or through your ISP, it’s probably because you are being forced to surf through their proxy server.

 

 

In this case you will also be requiring one of these if you need to avoid this particular proxy -

Luck – or rather some incompetence. If your client, browser or proxy security is set up badly, it can be fairly easy to avoid a proxy server.

Technical Knowledge – always helps but if you want to bypass the sneaky IT department, the more you know the better.

Security Software – programs like Identity Cloaker have special functions to piggy back existing proxy servers or bypass firewalls. Nothing guarantees that you by can avoid a proxy specifically designed to control your internet access but it’s usually possible.You can always test theories out – for instance the free – trial version of Identity Cloaker allows access to a selection of websites including Facebook.    This site is often blocked by content filters or proxies (usually because people are liable to spend hours on it!) – so test out to see if it works in your environments – the free demo version can be downloaded here

Remember a proxy server set up in your work or college – is acting as an intermediary for each client on the network.    As such it knows and records every single site you visit – so if you’ve got something to keep private – don’t do it at work !! Unfortunately there are lots of different ways that proxy servers can be set up, transparent, caching or anonymising for example.  When proxies where first used they were primarily used for speed. They would be set to cache requested pages – so when another client on the network requested the page it could be delivered locally.  This would mean that you would only need to download a page once and then served when required.

They are now used for a whole lot more – a proxy is a vital tool for controlling and configuring access to the internet for any client.  You can use a proxy to block, filter or simply monitor any request passing through it.  Have a look at your broswer settings at work, if set up properly you should be blocked from manually changing the settings.   This is a simple first step in making sure that any employees cannot avoid using the proxy server – secure your proxy settings in the browser.  If you’re using Windows then this is normally used by using Windows Group Policy Objects which can tie down all security settings on your client.   Generally not only will this stop people fiddling with their settings, but it will be backed up by firewall rules.   The most common rule set would be that outgoing web traffic is only allowed via the IP address of the official proxy server.  Which is why most people get stuck when trying to be a proxy ninja on their school or company network.

In addition to the installation of a proxy server, most organisations now are rightly paranoid about ‘nasty stuff’ on the net, and so they utilise some sort of additional content filters.  The most common one I’ve come across is from Websense but there are quite a few different ones.   These will monitor online all the traffic and URLs, and block or log according to specific rules and algorithms.  These filters are generally installed on the ‘wire’ and will have access to all traffic on the network.   There’s only one real way to beat a decent filter and that’s to stop it analysing what you’re doing – that means you must use encryption.

It can be via SSL, a VPN or like Identity Cloaker which uses Rjindael-AES 256 bit Encryption over a SSH connection.  It’s difficult to summarise what situation you might find in any specific environment.  In any vaguely secure environment you’ll probably find most stuff I’ve mentioned being implemented.

Of course us Ninja surfers can get round all these issues.  Normally it’s not that hard to do usually becuase of the way a security measure has been implemented. For example you’ll commonly find Internet Explorer locked down very tightly stopping you doing anything.   But then the rest of the client will be neglected and a user can often install a different browser like Firefox which has no such restrictions!!

If an organisation hasn’t stopped you installing a new browser on your PC then it’s unlikely they’ve created any security templates either.   It’s not uncommon to see surprisingly – a super locked down version of IE alongside a completely unmonitored copy of Firefox.  Of course before you start messing around with the Internet at work or college, you should consider your position.   Check out your Internet Use Policy and see what you’re allowed to do – is there something that says you can’t use another browser for example !

It’s a big subject and I’ll cover some more specific scenarios in future posts.  I’ll mostly use Identity Cloaker as it normally has the functionality to bypass most corporate blocks and filters but there are others.   Don’t bother messing around with stupid online web proxies though – they won’t work unless your network admins are particularly stupid.

How to Watch BBC Iplayer on Your Ipad From Outside the UK

April 27, 2012 Apple iOS / ninja / TV
No comments

My brand new shiny IPad has been in my possession for a few months now, but to be honest I’m still not sure how it works.  My lack of knowledge is mainly due to I don’t get to use it that much as all my family just loves it.   It’s nearly always in use for web browsing, games, apps and that sort of thing.

However after writing this post about – How to Use a Proxy to access Iplayer – I kept getting emails about whether you could also use Identity Cloaker on the Ipad.  You know to access blocked media, TV sites or even connecting to home banking more easily.  The company did have a Mac OS version in development but I don’t think it was ever released.

Anyway so I thought I’d better check it out  and suprisingly it’s actually pretty simple to do.  The reason is that the vast majority of their security servers are VPN enabled. That means  all you have to do is set a simple VPN connection on your IPad to a specific server and then you can enable it when required.   The functionality is built into the Ipad so nothing too difficult is required – let’s show an example for accessing the BBC channels abroad.

So How Can You Watch BBC Iplayer from the US on Your IPad?

Right, so most of us have discovered that if you happen to be outsde the UK, then the BBC Iplayer won’t work properly.  When you connect to the IPlayer site it checks your IP address to see where you are located.  If it discovers that you are connecting from outside the United Kingdom then you won’t be able to watch anything ! To be fair, BBC Iplayer is not the only media site to do this.   Hulu blocks all non-US access – the same goes for ABC, NBC and Pandora too. The great little media player from the French broadcaster M6Replay is also limited to access within France (if you know someone learning French get them to check it out – it’s great practice watching the Simpsons in French!)

The solution on the PC is very simple, you just use something like Identity Cloaker to conceal your true IP address and present one from the correct country.  The solution is actually similar on the IPad (you can use the same technique on the Mac aswell) – you just need to connect to a server based in the UK (or which ever country you need).

  1. Select Settings
  2. Select General
  3. Select Networks
  4. Select VPN

This should bring you to this screen -

Ipad VPN Connection Screen

 

You can see in this screen I’ve already set up a US VPN which I use for Hulu and Pandora.  Here you just need to select Add VPN Configuration and you should reach this screen.

It looks complicated but it’s not.

You just need to leave it set to L2TP at the top and then put the following details in.  You’ll need to get the details from Identity Cloaker for section 2 and 6 but just drop them an email and they’ll send it to you.  If you’re using a different VPN provider it’s likely you’ll have to do the same (although a couple publish the information I think)

  1. Description – Give it a name like UK VPN, US VPN then you can select quickly which country you need
  2. Server – Drop Identity Cloaker an email for a list of enabled VPN server names
  3. Account Name – Your IDC Username
  4. RSA SecurID – Ignore this
  5. Password – Your IDC password.
  6. Secret – Drop Identity Cloaker and email and Ask for the VPN Secret Name
That’s the tricky bit over with, next click Save from the top right hand corner.  The next step is to enable your VPN connection.
Connecting to the UK VPN
To do this you simply select whichever VPN configuration that you need, so if you’re in the US and want to watch the BBC then create and enable a UK VPN.  In this screen just select enable and it will turn on your VPN – this will route your connection through the UK VPN servers.
The status will change to connected and in the top left hand side of your Ipad it will show that the VPN is connected like this.
UK VPN Connected
When this VPN is connected, all your traffic is encrypted and routed through whichever server you are connected to.  It’s best to disconnect after watching unless you want all your browsing routed through the UK.
If you haven’t got Identity Cloaker yet – I can definitely recommend it, it’s probably best to try the 10 day trial first to see how you get on with it.  They have a very professional set up and the servers can cope with streaming video without any issues .  They have many UK and US servers plus ones in France, Germany, Poland, Ireland, Sweden, Australia to name but a few – all included in the subscription.
This method  should also work with other VPN providers who have set their servers up properly though – just ask them.

Once Upon a Time There Was a Hosts File

April 7, 2012 filtering / Just Interesting
No comments

When the World Wide Web was little and called the ARPAnet, resolving computers to their IP addresses wasn’t a big deal. In fact because the network consisted of only a few hundred hosts, a single file called HOSTS.TXT was sufficient. This file contained the name to address mapping of every computer on the ARPAnet. Unix computers hacked the HOSTS.TXT and built it’s own version and stored it into /etc/hosts – all was fine and dandy.

The HOSTS.TXT was maintained by a Network Information Centre and distributed by a single host. Any client would pick up a fresh copy every few days to see if any new hosts had been added to the network. Slowly there were problems as the network got bigger – here’s some of the biggies:

  • Traffic – the toll on the SRI-NIC (the computer which held the master copy of HOSTS.TXT) became unbearable. Network traffic and CPU utilization was overloading the host.
  • Name Collisions – No two hosts on a network can be the same. There was no system to enforce this uniqueness of host names – duplicates started to appear in the host list as it got bigger.
  • Consistency – making sure that everyone had the correct version of HOSTS.TXT became extremely difficult. Machines on the far edges of the network would take so long to get an update that it was

It didn’t work, name resolution started to cause havoc on the network as it grew, mailservers fell over as duplicates appeared. Hundreds of versions of the HOSTS.TXT file caused loads of issues and the reliability of the network plummeted.  A new system was needed and it was needed fast, that system was delivered by a chap called Paul Mockapetris.  He released two RFCs  - 882 and 883 which were the first definition of the Domain Name System – or as we mostly refer to it as DNS.    These RFCs have now been superceded many times as security, administration and implementation problems have been identified and rectified.

The Internet as we know it relies not on some huge text file but the Name resolution delivered by the Domain Name System.  DNS is simply a huge distributed database, local control of this data is allowed.   However this data is accessible across the whole network through a client/server set up.  Now this is where the history lesson finishes – I don’t want to start talking about Name Servers, resolvers or caching as you can find that stuff in other places.

Here on theninjaproxy.org we like our information is little more practical – so lets have a look at a little legacy of the HOSTS.TXT file that is used as a first step of resolution by Windows TCP/IP.

There’s the little fellow  - a text file called hosts which contains your computers first port of call in Name resolution before it uses methods like DNS for example.

It can be used to block or filters websites, hackers use it to infect clients with viruses and trojans by redirecting to nasty sites.  Also plenty of places still use it to make web based applications work properly or to redirect clients to specific computers.

It’s quite simple to use – here’s a brief illustration.  We are going to redirect a web site to a different place using the hosts file -

Let’s redirect our web surfer to somewhere pleasing to the eye – playboy.com.  First we find the IP address of the site by pinging it -216.18.172.158.   Next we need to make some simple modifications to our hosts file – you’ll usually need administration access to alter this file.


You can see we have added a line telling the computer that the site www.google.com can be found at the address 216.18.172.158 (oh no it can’t!).

Of course you’ve guessed what will happen when anyone tries to visit Google on this computer!

Sometimes doesn’t work as great on the bigger sites that rotate their IPs over lots of servers and you may have to clear your cache with CCleaner beforehand.  But you get the idea, another slight modification is that you can use the hosts file to block access to sites to.   Instead of redirecting a site to different IP address you can just redirect to your local computer using 127.0.0.1.

For example perhaps you are getting pissed about all the adverts that are served on websites from ad.doubleclick.net, simply add this line to your hosts file.

127.0.0.1     ad.doubleclick.net

This will have the effect of blocking access to that website (and blocking it’s adverts).  It’s a crude but reasonably effective way of blocking access to specific websites on a particular computer.  Many companies or schools use this method on public facing or ‘kiosk’ machines.

Unfortunately hackers also use this method too, viruses modify your hosts file to redirect your machine to malicious websites instead of popular sites like Facebook or similar.  So it’s always worth checking out your hosts file occasionally to see all is in order.

 

 

 

 

 

 

The Next Pavarotti?

March 31, 2012 technology
No comments

Ok I love Turkey, but doing business there is so hard work!! But my frustration waiting for yet another piece of paper in an office in Ankara simply melted away when I heard this – a fabulous performance…

If you’re not in the UK – you’ll need a proxy or security program (like Identity Cloaker) to give you access I’m afraid.

More security stuff coming next post I promise………………………time to hack your neighbors Wifi….

No Politics – But Ninja Videos Ok

March 26, 2012 TV / Uncategorized
No comments

Is this right?

Fuck…I hope not….
The Dead Kennedy’s shocked in my youth – some thirty years ago..,,,,still pretty hard core…..

The Most Astounding Fact about the Universe

March 5, 2012 Just Interesting
No comments

Well nothing about technology again – probably because I have spent the day fixing extremely crap DNS installations and have become overwhelmed with the futility of existence. But fortunately my mood was saved by this (well this and alcohol) so I had to share this wonderful video.

Kinda puts life’s little tribulations in context doesn’t it.

Bye, Bye Scroogle – We’ll Miss You!

February 25, 2012 security
No comments

Yep  Scroogle has gone alas,  it had a purpose, it was useful and the owner had an attitude.   To be honest it doesn’t come as a big surprise, for the last few weeks it’s been pretty much unusable for a variety of reasons.

A few days ago the owner Daniel Brandt announced  -

“Scroogle.org is gone forever,”

You might thing what a drama queen, or perhaps so f**kin what – but it’s kind of a sad day for all of us with a brain.

But first perhaps we should say what Scroogle actually was – and that is simply a proxy for the Google search engine.  Instead of all your queries being logged, recorded and monitored in order to build up some sort of creepy online profile of you – Scroogle acted as a man in the middle. It was a like a trusted friend who wouldn’t make judgement, wouldn’t log the request for future gains and certainly wouldn’t sell your profile to Tesco to add to their Clubcard profiles (note to US readers – this makes no sense to you)

So if you wanted to search for ‘pornographic pictures of sexy ladies dressed up as members of the Stasi’ , then your East German security fetishes would be strictly private, meaning Google wouldn’t have made a little addition to your online search profile.

Which meant you had a little more privacy, your every internet searching whim was not added to a online profile or buyer’s list held by some bunch of corporate tossers. So for this to Daniel – I say thanks and am very sorry to see him go. Now the reasons for the end of Scroogle where apparently due to two main reasons,

  • Google throttling Requests
  • Many DDOS attacks on the site.

Now both are equally feasible and apparently both were happening.  Scroogle has been around for nearly ten years which is a long time in Internet years and Google could have closed it down at any point.   They have always limited the number of search requests from a single IP address  - so Scroogle would have tripped this many times with only about 6 servers and a limited number of IP addresses.   So did the Google guys finally have enough and tighten the screw?   I’m not sure, it’s not great publicity for them if they did and the impact on their profits were certainly negligible – but this requires further research !

The other problem which hastened the demise much more quickly was the increasing number of DDOS attacks.  These are just blunt attacks designed to bring servers to their knees,  easily orchestrated either with minimal technical knowledge or a few bucks to spend.  Daniel Brandt apparently was very outspoken and frequently upset people so he’d probably made a lot of enemies.  It’s a sad blow though, again showing that cyber bullies exist on all sides of the divide – the fact is you can use a DDOS attack on any web server in existence.  It’s the lead pipe of the cyber world, if you disagree with someone online you can just pay a few bucks to take out their web site/blog etc.

I don’t know who Daniel upset or why – but the loss of Scroogle is surely an own goal!!  I was going to rant further on this issue and put in a selection of secure search engines that still exist but I’ve suddenly discovered a rather full bottle of 10 year old Laphroaig whisky – if you’ve tasted it you know why I can’t concentrate now.   Adieu……………

 

PS

Will post up the list of secure search engines in my next post.

Blocking Anonymity – China and TOR

February 9, 2012 content filtering / technology
1 comment

There’s loads of places where it’s pretty simple to bypass the blocks and restrictions that Governments put up. In reality a lot of countries have no access to the skills, equipment and in some cases the will to ensure that they really do control access to the internet. For instance in Turkey, there are a lot of sites which are officially blocked like Gay and Lesbian groups ( serious sites not porn) but thousands of people access every day with no problem.

Subscribing to a anonymity service is quite common in many countries, not particularly due to the privacy issues but more because they want to access TV and media sites in other countries. The Geographical blocks that stations like the BBC and Hulu put above are easily circumvented by using a security program like Identity Cloaker.   In fact if you speak to these companies you’ll find that 95% of the traffic is related to watching video and not related to secure or private browsing.   In Identity Cloaker for example you can turn off the encryption to increase speed which is what many users do.

However the simple Geo blocks of the media companies are much worse for many people – for instance in China.  Whilst many countries are as mentioned pretty hopeless at controlling internet access – the techies behind the Great Firewall of China are very switched on indeed.

TOR Access Block

TOR is free software which links to an open network run by it’s users, it’s designed to provide anonymity online and let users bypass blocks and firewalls.   It does have it’s problems mainly based on the open format of it’s network – you relay traffic through other users computers.  As such there are security problems and it can be painfully slow to use.  But it is very difficult to block as you are not reliant on specific servers and there’s no specific IP addresses you can restrict access to.   But the Chinese have reportedly been block TOR users for several months.

The security team at Team Cymru have recently investigated how the Chinese Government was blocking access made to the TOR network.  It’s pretty interesting reading and demonstrates that the Chinese are actively combating the use of Tor through the Great Firewall of China.   Every time a user connected to a one of the Tor Bridges (which relays the connection through the Open network) then probes would be sent out from a Chinese IP address.  The probe was only sent if a connection was made to port 443 (HTTPS) in which an SSL negotiation was performed, any non secure connection did not cause the probe.

The probe was extremely sophisticated and designed specifically to connect with Tor, even able to communicate using the Tor Protocol.  As soon as one  of the probes was received the connection of the original Tor User was blocked by the Chinese Firewall and the connection dropped.

The team Cymru researcher was able to identify how the Tor connection was been identified.  The Tor handshake was located by inspecting inside the packet and locating the specific SSL ciphers used by Tor to establish the handshake.

Pretty heavy stuff,  to utlize this level of Deep Packet Inspection requires very sophisticated technology and obviously teams of people actively researching  how to block anonymity systems like Tor!

You can read the full details of this research conducted by Tim Wilde of Team Cymru here – Great Firewall of China Tor Probing.

 

 

 

 

 

 

Your Digital Identity

January 24, 2012 technology
No comments

Sounds like a stupid thing to say doesn’t it – I mean who has a digital identity? But alas we all have nowadays, at least if you participate in 21st century life at all.

 So when you think about it, the reality is a little more worrying. It’s really about everything you do online being monitored. Now that’s does scare me – mainly because it happens. How much of your life happens via a phone or the internet?

Anyway the worry I have is this – most Western Democracies have access to everything you do online for the last couple of years.  Of course there’s some vague idea that it’s all about catching terrorists but frankly that’s a load of rubbish.   I’ll take my chances on any plane if the terrorist has been thick enough to post his plans online on Facebook or Twitter – chances are they’ll blow themselves up on the way to the airport or at the car park ticket machine.  

Not going to happen – so what our agencies and governments are really interested in is all the other information …..like this……………………

From my ISP logs dated 21/12/11 when I returned home from the Cross Lanes Hotel ( Geo location enabled on my Iphone).

My location established from my phone.
After drinking one bottle of South African Shiraz and paying my bill – (via internet enabled till) I watched the Kylie Minogue Agent Provocateur Video several times in a row.  When I go for that high powered Government job – it could be a difficult interview question,

or perhaps I could just show them the video ……..

All red blooded and nothing to be ashamed of? Sure but remember they have every web site you visited …in the last two years..

Apple iOS Hacker Banned

November 9, 2011 Apple iOS
No comments

You’d think computer companies would learn wouldn’t you, when you see someone who points out a problem with your code, hardware or processes then you should thank them, embrace them – heck employ them if you can.   Apple however have failed dismally in their response to Charlie Millers assistance on highlighting the problems in the App Store security process.

Photo Charlie Miller - Twitter@0xcharlie

I means there’s two types of people out there who do this sort of hacking – white hat guys like Charlie Miller who will demonstrate the vulnerabilities, publish proof of concepts and let the company know. Of course it can be slightly embarassing sometimes when you’ve dropped a bit of a clanger but there is an upside.

The upside is that the other type of people don’t get chance to figure it out – the Bulgarian uber hacker working underground for a Russian or Brazilian cyber criminal gang who exploit the hole after they’ve found it.

So what did Charlie Miller actually do?

Well it’s probably best to let the author demonstrate – make sure you watch it until the end to see the full extent of what this hack is capable of !

Pretty incredible heh!! The potential of this in the hands of the bad guys is probably what scared Apple and made them act like a spoilt brat by kicking Charlie Miller off the iOS developer program. White hat hackers as talented as this guy should be treated a bit better even if he did perhaps break a few little terms and conditions to illustrate the vulnerability.

I haven’t thought about the criminal possibilities of this but I am sure there are many beyond downloading every ones address book. I confess I’m still stuck on the prank possibilities of having every iPhone on the planet vibrate at exactly the same time. Pointless but fun and pandering to my inner megalomania without causing any real harm! If only I was as clever as Charlie Miller !!

Hopefully the kicking Apple is currently getting in the online media for their reaction will make them think again. Perhaps in some high up meeting somewhere in Apple Towers it will occur to someone that they should be actually thanking this guy. Otherwise they should get worried if he starts taking long holidays in Moscow next year.

← Older Entries