geek on the web tech

Hacking websites: cross site request forgery

There are three major ways to hack a website: SQL injection, cross site scripting and cross site request forgery. I published a post about SQL injection and cross site scripting recently, and now let’s see what this third attack is all about.

Tom Scott explains that for this third attack to work, a malicious hacker needs to copy the form from your bank account, for example, into a fake website, hide that form and then trigger it every time you access that site or interact with it.

The way web developers fight this is by creating a token in the same page as the form and then sending that token with the form data once you click the submit/go button.

If someone copies that token and then tries to use it later on, their form won’t be accepted. The token updates each time the page the form is on is refreshed, and it is unique to the user, IP, and current time.

A very neat trick to keep bad guys away from our bank accounts, that is for sure!
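Here is how such a token check can look on the server side. This is an added example, not code from the video or from any bank: the HMAC construction, the 15-minute lifetime and all names (`issue_token`, `verify_token`, `SERVER_KEY`) are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time
from typing import Optional

# Assumption: a secret that only the server knows.
SERVER_KEY = secrets.token_bytes(32)
MAX_AGE_SECONDS = 900  # assumed lifetime of a rendered form


def _mac(session_id: str, client_ip: str, issued_at: int, nonce: str) -> str:
    # Bind the token to the user session, the IP and the issue time.
    msg = "|".join([session_id, client_ip, str(issued_at), nonce]).encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()


def issue_token(session_id: str, client_ip: str, now: Optional[int] = None) -> str:
    """Called on every page render; the value goes into a hidden form field."""
    issued_at = int(time.time()) if now is None else now
    nonce = secrets.token_hex(16)  # fresh on each refresh of the page
    return f"{issued_at}.{nonce}.{_mac(session_id, client_ip, issued_at, nonce)}"


def verify_token(token: str, session_id: str, client_ip: str,
                 now: Optional[int] = None) -> bool:
    """Called when the form is submitted; reject anything that does not match."""
    now = int(time.time()) if now is None else now
    try:
        ts_text, nonce, mac = token.split(".")
        issued_at = int(ts_text)
    except (ValueError, AttributeError):
        return False  # missing or malformed token, e.g. a copied form without one
    if not 0 <= now - issued_at <= MAX_AGE_SECONDS:
        return False  # token is too old (or claims to be from the future)
    expected = _mac(session_id, client_ip, issued_at, nonce)
    # Constant-time comparison so the check does not leak how much matched.
    return hmac.compare_digest(mac.encode(), expected.encode())
```

A form copied onto another site carries either no token or one issued for a different session, so `verify_token` returns `False` and the request is dropped.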

learn science tech

What does the future of computer science look like? [infographic]

The future of computer science looks pretty much amazing with things like carbon nanotube computers or phoneblocks, phones made of easily replaceable blocks.

The future will bring us also devices that can be controlled with our mind by using EEG tech or things like paper tab, a flexible tablet that won’t break when bent.

Read more about the future of computer science here and be ready to embrace the future that will be even more awesome than this.

learn on the web tech

The World is not the way you know it: Vsauce about maps

Did you know that Greenland is way smaller in reality than we actually see it on many maps? You see it as being about the size of Africa, but you’re wrong. This is because most of the maps we see today are using the Mercator system, a system that preserves shape, but greatly increases the size (area) of countries the more you move to the upper or lower limits of the map.

Vsauce explains it all.

Most of the way we perceive Earth is through our eyes and we depend on how we see light. Earth can be seen in IR or UV maps and even in gravitational maps.

I will add here the image with the spectrum of light classified by wavelength to understand where UV and IR are.

Maps, we can’t live without them. Google is using the Mercator system too. 😀


Do you die of thirst? Not really. Scishow explains: you die of cardiac arrest

If you do not drink water for 2-3 days, you die. But do you die of thirst or not? Well, you die of cardiac arrest. When more than 10% of the water in your body is gone you are severely dehydrated and the body loses its electrolytes.

The electrolytes are ions from the cells and your blood stream that work well when you have enough water in your body and they are the ones that generate electricity throughout our bodies.

Without electrolytes, electricity does not flow in our bodies and muscles, like the heart. When we do not have enough electricity to keep the heart moving, then the cardiac arrest takes place. And pain. And death.

Drink water, please.

learn tech

ESO 2014 Calendar is here

As 2013 is ending ESO has already prepared the ESO 2014 calendar and has, as always, breathtaking pictures of stars, sky, galaxies, and of the observatories that it manages.

14 pages of awesomeness await you in this PDF here. Print it, copy it, share it, love it.

On the cover image you can see the spectacular star-forming Carina Nebula, captured in great detail by the VLT Survey Telescope at ESO’s Paranal Observatory. This picture was taken with the help of Sebastián Piñera, President of Chile, during his visit to the observatory on 5 June 2012 and released on the occasion of the new telescope’s inauguration in Naples on 6 December 2012.

The individual images of the ESO 2014 calendar can be seen at this link.

Of the images from the calendar I like most the one with the E-ELT:

and the one with the stellar nursery IC 2944:

Way to go ESO.


ESO. Acknowledgement: VPHAS+ Consortium/ Cambridge Astronomical Survey Unit

entertainment learn tech

Badass Romanian Monster Truck: Ghe-O Rescue

OK, it is the Marauder’s little brother and it costs less than 1/3 of a Marauder’s price tag: around 150 000 euros. The Ghe-O Rescue truck, specifically created for rescue missions, can transport 11 people and is an all-terrain wonder. Created by Romanian off-road racing fans Robert Oprea & Cristian Vlad, this rescue vehicle can roam through the woods with no issues.

Ghe-O created several types of cars and the Utility category has Rescue and a Firefighter. Ghe-O Rescue is very flexible because you can use a plow with it, float on the water (if you add floating pillows), ride on ice and snow using tracks in rear wheels, on top cargo, medical stretch, terratrip.

It is not like a Behemoth, but surely packs a lot of punch for its 3.2 tonnes. See more videos on their Ghe-O YouTube channel.

Via Top Gear, thanks to Radu.

learn on the web tech

Just yawn and get a free coffee

The guys at Douwe Egberts have created a nice coffee dispenser which can detect if you’re yawning and then it gives you a free coffee. Neat trick, great publicity stunt and an even better future for me, as a coffee drinker.

Yay for such inventions. Seen this video thanks to Vsauce 2 list of Mind Blow #72:

Coffee, coffee, coffee.

learn tech

Scientists can hack our brain now!

ASAP Science tells us that scientists can hack the brains of some animals right now and even humans can be subjects of such experiments. The principle is easy at its core: identify the region of the brain that sends specific commands, like walking to the left, and then stimulate those regions.

People will behave the way you want if you stimulate certain parts of the brain and they will tell you that what they did is perfectly normal even though they were controlled. Science can be freaky sometimes, but these tests can reveal more about certain types of diseases like Alzheimer’s or autism.

More info on Wired.


Levitate and melt aluminum using a coil

A couple of Russians did an extremely interesting experiment: they levitated and melted an aluminum sample weighing 2.6 g. They used a power inverter of 1.6 kW, with a frequency of 204 kHz and temperature peaks of about 1200 °C.

Two things happen there: levitation and melting. Levitation is generated by the fact that any substance in the world is magnetic, but not all like the permanent magnets we’re used to. When you put any substance in a coil and thus generate a flow of electrons which, in return, generates a magnetic field, then you get to see that the substance is floating.

It is said that aluminum, since it is not a permanent magnet, is a paramagnetic material. That means that above the Curie temperature, that is, the temperature at which substances that are not permanent magnets become induced magnets, the aluminum becomes a magnet.

Via Geek.

geek learn tech

3 Sweep: unbelievable software that extracts 3D models from a single photo and manipulates them

In the video called 3-Sweep: Extracting Editable Objects from a Single Photo, SIGGRAPH ASIA 2013, Tao Chen, Zhe Zhu, Ariel Shamir, Shi-Min Hu and Daniel Cohen show off software that is able to take a single photo, get the 3D object out of it and then manipulate it like it’s nothing.

This incredible software is pretty much like PhotoModeler, software that has existed since 2002, as seen in the comments from John Blossom on G+.

The 3 Sweep software lets you outline the 3D geometry of the object in a few simple clicks and then you can simply extract, move, rotate and copy that 3D model. And all of this working from one single photo. Of course, the software relies on us being able to see a 3D model in a picture and then outline it with the tool, but it is a CRAZY thing to have as a tool.

SIGGRAPH is a great place to see tech that will blow your mind.

Via Gizmodo.