Tuesday, September 5, 2017

iCloud Trauma: 13,625 images and videos disappear and how I recovered them

Imagine that you wake up one day to find out that 13,625 images and videos have disappeared from your iPhone, iPad, and iCloud.com.

This is exactly what happened to my iCloud and specifically iCloud Photo Library. I woke up one day to find out that all of my old images from March 2014 till March 2017 now have disappeared.

I kept refreshing icloud.com/#photos, changing browsers, and researching. The "Deleted Photos" folder was empty. I was screwed.

I even waited a day to check back iCloud.com and still images didn't show up.

Exact thoughts 

"Fuck you Apple, literally fuck you". I couldn't process it. I trusted iCloud and I thought my data was safe there but apparently, it wasn't. Those images were important to me and only some images from 2014 were backed up. The rest weren't.

First attempt to contact Apple Support 

The first attempt to contact their support was an utter failure. I was barely hearing the support personnel (who was located in Egypt and speaking Arabic). The call disconnected before I articulated my problem and they didn't bother to call me back, they instead sent me this: 


An empty email with a header message saying contact us. Not even a body message. 

Using forensic tools

At that point, I completely gave up on Apple and I started looking for online help to fix my issue. I found a great forensic tool called Elcomsoft phone breaker for Mac:

 What this tool claimed to do was:


"Elcomsoft Phone Breaker can extract photos and videos stored in the user’s iCloud Photo Library. In addition to existing files, Elcomsoft Phone Breaker can extract media files that have been deleted from the Library during the past 30 days. Selective downloads are possible by specifying which user-created albums to download."



Exploring Elcomsoft PhoneBreaker

I was really skeptical about this software so  I decided to give it a try, I have turned off two step authentication temporarily and logged in via their program to see this interface:


I was really happy that now my missing images are appearing in "Deleted". On icloud.com, the deleted folder was empty. However, they were being displayed in this software.



Purchasing Elcomsoft PhoneBreaker

At that point, Elcomsoft has proven to be working (by allowing me to recover only up to 10 pictures). I had to purchase the software for USD200.  



After a few minutes, I received my registration code:

Starting the Download:

This was the most chaotic part. The download took almost a day despite having an internet speed of 1.5 MB/s. The download has interrupted at least 20 times (due to poor internet connectivity or iCloud issues/restrictions).



However, I realized later that the download is resumable because the pictures are downloaded in chunks inside a hidden folder called .chunks. The contents of the folder look similar to this:



So every time the download interrupted, I re-downloaded it using the same directory that had .chunks, so the download resumed instead of restarting. At the end of the day, I had my images downloaded. 


Images had no timestamp

Images were mixed without a date, so they lost they lost their chronological order. I realized that at that point, I have to contact Apple again.

Another attempt to contact Apple 

This time I couldn't even submit a request:

Final attempt to contact Apple 

The next day, I kept trying to contact support until they managed to call me. This time, finally, I was able to talk to a support technician from Apple. Apple performed their security checks and when they have done that, they have informed me that they will be able to recover them.

Their support was really great. 

Images reappear in Recently Deleted

After the call ended, support was able to restore images to "Recently Deleted" but not to "All Photos".





Support attempts to call me again 

Only to inform me this time that images have been recovered but they are in the "Recently Deleted" folder and I had no move them back to other folders to prevent the permanent deletion of them in 30 days. 



Case Closed

Images have been recovered. I moved on. 

So, what caused this?

It is not really known what caused the images to be removed. But I believe, when I have switched from my old to my new mac, I used Apple's Migrate Assistant, which moved the old Macbook data to the new Macbook. Later on, I activated iCloud Photos. So the contents of the Photos app were synced (Which had few images only).

I think that iCloud Photo Library thought that I have removed the images and thus removed them from iCloud Photo Library and consequently all of my devices.

What is the lesson?

Never trust the cloud and specifically iCloud. Your data isn't safe and might be removed forever. Physical encrypted backups for everything are a must.

Final thoughts

It was important to deal with this situation calmly, I will not stop using iCloud Photo Library even though it fucked up; but I will increase my backups with those photos. I have already downloaded Google Photos and I will be allowing the app to store all of those images. I will be also having physical and encrypted backups of those images.
Share:

Sunday, July 16, 2017

Challenge: No Internet & Cell Phone For 7 days

I've known this blogger since I was very young. Inspired by Leo Babauta's post "A Month With Limited Internet, & Now No Cell Phone", I have decided to go offline for 7 days. It believe it is an important challenge. Similarly to Leo Babauta, I:
  • Make my living on the Internet.
  • Watch movies on the Internet.
  • I receive my mail on the Internet.
  • I manage my academic duties on the Internet.
  • Study on the Internet.
  • Listen to music on the Internet.
  • Practice programming on the Internet. 
  • Socialize on the Internet.
  • I pay my bills on the Internet.
  • I make my purchases on the Internet. 
  • Backup my data on the Internet.
  • And so on...
I don't consider myself as a person struggling with internet addiction, but as a person who spends a lot of time online and sees the Internet as something that has of extreme value and importance in my life.

So, from Monday, 17th July till Sunday, 23rd July, I will not be connected to the Internet and my phone will be turned off. They will be out of reach and if possible out of the house to avoid the temptation. I will be writing down what happens every day, and in addition to not being connected to the internet, the challenge includes:
  • No SMS or chatting of any kind.
  • No movies or series of any kind.
  • No listening to music of any kind.
  • No use of laptop of any kind.
  • No use of cell-phone of any kind.
  • No use of television of any kind.
As mentioned above, the challenge will go for 7 days and in addition to that, it is a "cold turkey" challenge. Cheating is not allowed nor tolerated and would mean the challenge has failed.
Share:

Monday, July 3, 2017

Recovering a hijacked Facebook account

I can without a doubt confirm that the most hijacked and hacked accounts worldwide belong to Facebook. I have been asked myself to recover more than 15 accounts belonging to my friends or mutual friends. I don't succeed most of the time.

For example, my best friend's girlfriend had her account hijacked 1 month ago. The girl noticed the change one month later. I was asked to remedy the situation, I was having trouble even locating her account, but when I did nothing could recover her account back. The hijackers set up trusted friends, new email, new phone, new photos and even a new name.

Recently, my friend's account was hijacked and I was asked to recover it. It was an immensely important account used to conduct business and had chats were supposed confidential, so I wasn't taking it lightly.

The password's been obviously changed and the email address (Hotmail) hijacked and two-step authentication set up (Confirmed from Hotmail's account recovery process). So, recovering the account was pretty much a dead-end confirmed with Facebook's horrid message:


So, I was really stuck. At this point, there is was no direct way to contact Facebook regarding hacked accounts. You can directly contact them for impersonation or copyright issues but not for hacked accounts. 

Then, after that, I have asked the victim to find any web browser where he's logged in on Facebook in the past (with the old password), screenshot he's sent:


After he has pressed on "click here", he has indicated that the Facebook account has been compromised, next photo:


After the victim clicked on "Secure My Account", he was taken to this page, the victim's Hotmail account was compromised so he clicked on "No longer have access to these?":



And surprisingly, and taken to this annoying and useless page, the victim has clicked on "I cannot access my email account":


Then, Facebook asked for a new email address:


At this stage, an email address that I operate was provided, this page below was shown; however, this page is not accessible for everyone. The URL for this page is the following https://www.facebook.com/help/contact/278918555806469/ but apparently will not be enabled for anyone unless they went through the recovery process (from a browser that they have logged in on in the past):


After the ID has been provided, Facebook Support directly sent me an email since the victim set up an email of mine as the contact email for the resolution of the issue:


Since the victim has uploaded his ID, I have briefly described the issue to Facebook:


One day later, the account was recoverable. Win:


But we were not done yet, I've had to reverse the damage. First, I've had to invalidate the old email and add another email for the victim. At this point, I've set up an email for him from my domain name and added it to his Facebook. The email had two-step authentication configured on it as well as a complex password, and no matter what I can recover it:



The email was confirmed:


Then, the account was logged out of all the devices: 
Added phone numbers, emails and apps were all removed:


Recent activity was checked as well for malicious posts added:


That's it, the account was recovered and two-step authentication was activated now; a step the victim didn't know existed in the first place. 
Share:

Friday, June 30, 2017

How to get the url of the currently playing video of a playlist in JWPlayer 7?

In case you are a JWPlayer fan (like me), you will most probably reach a point where you'd have to use their API. I am talking mostly about the "JW Player JavaScript API Reference".

I have recently been trying to get all of the sources (.mp4 files of the same video, each with different quality) of the currently playing video item from a playlist with multiple videos (2 or more video items). I have searched a lot online no how to do that but no real help was provided as you see in the link below:

How do I get the filename of the currently playing item from a playlist containing more than one?

But nothing was helpful, so I had to dig through JWPlayer's API and find out myself how to do it in the Playlist section here. It is definitely very easy and the trick is to simply under their API and use it properly. The code uses JQuery so make sure you import it.

Here is the full code (playlistVideoLinks.js):


Here is the minified code (playlistVideoLinks-min.js):



Share:

Thursday, June 29, 2017

Can you really hack a Chromebook and get 100K from Google?

It has been almost a year since the search and artificial intelligence giant just announced on its Blogger blog that it is are willing to pay USD100,000 to whoever can hack its Chromebook. In a blog post called, Get Rich or Hack Tryin', Google said:
Increasing our top reward from $50,000 to $100,000. Last year we introduced a $50,000 reward for the persistent compromise of a Chromebook in guest mode. Since we introduced the $50,000 reward, we haven’t had a successful submission. That said, great research deserves great awards, so we’re putting up a standing six-figure sum, available all year round with no quotas and no maximum reward pool.


In other technical words, 100,000USD is to be given to whoever can hack its operating system Chromium OS that is updated almost daily from the finest and most talented software engineers.

Sounds like a good deal, yeah? Actually, not.  It is worth noting that Google set extremely hard rules and the chance of winning the amount is close to 0. Yes, it is possible to hack a Chromebook but your chances are close to 0. Here is more information about the reward:
We have a standing $100,000 reward for participants that can compromise a Chromebook or Chromebox with device persistence in guest mode (i.e. guest to guest persistence with interim reboot, delivered via a web page).

What does it mean?
  • You need to find a bug in Chromium OS's sandboxing secure mechanism that has been evolving for four years. Sandboxing ensures that each Chrome Extension (they call them apps) is run in a restricted environment and is sandboxed (quarantined, imprisoned). In other words, you need to create a Google Extension and from that extension, you need to locate a bug in Chromium OS, if it does exist I assume.
  • Once you find this invisible bug, you create an extension that would take advantage of the bug so that it would escalade access and escape the sandbox. All that, you need to in Guest mode.
  • Once you escape the sandbox, you need to find a second bug that would allow you to tamper with the system and corrupt its files. That is, first, you need to find a third bug that would allow you to access the developer's mode from the guest mode.
  • One you gain access to the developer's mode from the guest mode, you need a way to break the administrator account inside of the "Linux-based" operating system from a non-privileged account.
  • Hold on, we're not done yet. It needs to be persistent. That means, once you edit the operating system files, you need to tamper secure boot scripts as well, which double checks the operating system files on boot to see if they were tampered with.
The hack, if found, is probably worth more than USD10,000,000 in the black market, the odds of getting a Chromebook hacked from the "guest" mode is about the same odds of winning the lottery. If you're looking for some quick cash, you might as well go buy a lottery ticket rather than go get a Chromebook and attempt the hacking.

The USD100,000 is just a tiny small amount from Google's pocket, but most importantly, it is a guarantee from Google that their Chromebook is safe, as long as no one wins the bounty, Google would smile and double the amount whenever they want.
Share:

Wednesday, June 28, 2017

A Hacker's Manifesto [Full Essay]

In few months, A Hacker's Manifesto will turn 31 years old. In honor of this essay, I will repost it on my blog. The Hacker's Manifesto is known as The Conscience of a Hacker. Date released is in January 8, 1986 and the author is The Mentor.

Another one got caught today, it's all over the papers. "Teenager Arrested in Computer Crime Scandal", "Hacker Arrested after Bank Tampering"...

Damn kids. They're all alike.

But did you, in your three-piece psychology and 1950's technobrain, ever take a look behind the eyes of the hacker? Did you ever wonder what made him tick, what forces shaped him, what may have molded him? I am a hacker, enter my world...

Mine is a world that begins with school... I'm smarter than most of the other kids, this crap they teach us bores me...

Damn underachiever. They're all alike.

I'm in junior high or high school. I've listened to teachers explain for the fifteenth time how to reduce a fraction. I understand it. "No, Ms. Smith, I didn't show my work. I did it in my head..."

Damn kid. Probably copied it. They're all alike.

I made a discovery today. I found a computer. Wait a second, this is cool. It does what I want it to. If it makes a mistake, it's because I screwed it up. Not because it doesn't like me...

Or feels threatened by me...

Or thinks I'm a smart ass...

Or doesn't like teaching and shouldn't be here...

Damn kid. All he does is play games. They're all alike.

And then it happened... a door opened to a world... rushing through the phone line like heroin through an addict's veins, an electronic pulse is sent out, a refuge from the day-to-day incompetencies is sought... a board is found.

"This is it... this is where I belong..."

I know everyone here... even if I've never met them, never talked to them, may never hear from them again... I know you all...

Damn kid. Tying up the phone line again. They're all alike...

You bet your ass we're all alike... we've been spoon-fed baby food at school when we hungered for steak... the bits of meat that you did let slip through were pre-chewed and tasteless. We've been dominated by sadists, or ignored by the apathetic. The few that had something to teach found us willing pupils, but those few are like drops of water in the desert.

This is our world now... the world of the electron and the switch, the beauty of the baud. We make use of a service already existing without paying for what could be dirt-cheap if it wasn't run by profiteering gluttons, and you call us criminals. We explore... and you call us criminals. We seek after knowledge... and you call us criminals. We exist without skin color, without nationality, without religious bias... and you call us criminals. You build atomic bombs, you wage wars, you murder, cheat, and lie to us and try to make us believe it's for our own good, yet we're the criminals.

Yes, I am a criminal. My crime is that of curiosity. My crime is that of judging people by what they say and think, not what they look like. My crime is that of outsmarting you, something that you will never forgive me for.

I am a hacker, and this is my manifesto. You may stop this individual, but you can't stop us all... after all, we're all alike.
Share:

Tuesday, June 27, 2017

Serving one billion monthly requests online

Today, I will blog about serving one monthly billion requests from a huge website of mine. I will speak about the architecture and network used to it. As it was recently reported on Cloudflare:



That makes around 37 million total requests per 24 hours and around 428 requests per second.


Half of the requests are cached through CloudFlare and the rest are served from Highwinds CDN. CloudFlare CDN directly is configured on top of Highwinds CDN. While this may sound vague, this means all of the website requests are passed through CloudFlare's CDN. CloudFlare's system is able to filter requests and they deliver .js and .css files from their network; the rest of the files (.jpg, .mp4 and .webm) are served from Highwinds. Reports from their Highwind's phenomenal interface SiteTracker 3.0: 


Highwinds is configured on top of Leaseweb's dedicated servers. Leaseweb is my favorite server provider. They are extremely reliable and operate their own solid network which is configured on top of Highwinds server. Traffic from one main server: 
Load on the server is tolerable (Around 800GB of bandwidth daily) due to Highwind's efficient caching. A quota of 34TB is served on that server (whether they are being used or not). They are never fully being consumed so I always pay for the reserved bandwidth that is never used.  I am bit stingy so I don't want anyone sharing the bandwidth, I don't want any competition.

I also occasionally use Google Cloud Console to deliver .json files

What is remarkable and common about Highwinds, Cloudflare and Leaseweb is that all they all operate their own networks.

Cloudflare owns 115 datacenters worldwide, and the number changes every one or two weeks whereas Leaseweb has a 5.5 Tbps bandwidth capacity and Highwinds operates multiple 10GigE backbones with stable PoP houses solid state drives (SSDs).

So, if I have to sum up the architecture used, it would look like this:


Share:

Sunday, April 30, 2017

I just recieved one of the most sophisticated phishing attacks ever

I am not a fan of hijackers and phishing criminals. But social engineering has become the most common to crack, target and steal any online account. Those hijackers either lack the sufficient skills to penetrate a system or the system is too tedious to penetrate or hack; thus they resort to sending phishing attacks. When you send a phishing attack, you can creative as much as you want and the limit would be just the sky. In this case, they started by creating extremely identical pages which is an easy step:

    Real Apple Login Page:


    Fake Apple Login Page:


But moving on, surprisingly, the phishing link was appleid.apple.com. Yes, I was extremely surprised but it turns out that their phishing attack had used unicode characters.

    Real Apple Phishing Link:


    Fake Apple Phishing Link:


Ironically, the phishing website was linking non-https images but it was detectable by chrome and not only that, they could not fake the EV Certificate which says "Apple Inc.". Looking at both source codes and comparing them confirmed the phishing attack.

After adding dummy data, a two-step authentication page was opened where the attackers have assumed I have set it up. They did not have my mobile number or my devices so they asked me to add a mobile number (which doesn't happen on a real apple login page). If I had inserted correct login information, their system would have sent me the verification code and I would have given it to them and bingo they would have accessed my Apple ID.

This is one of the best phishing attacks I have ever received, I was really impressed by it. Even the spoof email (support@apple.com) had bypassed Outlook's spam filters and went into my inbox. But the formatting of the email really looked suspicious. They succeeded in gaining my attention by saying that a purchase has been made from my account.

Share:

Tuesday, April 11, 2017

How I built an .exe program that secretly copies source code in the clipboard

My friend recently asked me to create for him a .exe program that downloads the source code from the internet and copies it to the clipboard. Source code can be anything such as Java, PHP or Python. Without doubt, the program would only work on Windows machine. My friend also wanted:

1. The program to retrieve the code from an URL which links to a text file.
2. The program should work silently, doesn't print anything on success.
3. The program should handle and catch exceptions.
4. The program should select one out of three.txt files based on users keystroke.
5. The program should be compatible with Windows 10.
6. The program should look like a calculator.

I have found the request very fun and decided to do it. C# would be a great and excellent tool for this, so I have download Microsoft Visual Studio C# 2008 for this task. I was taught C# and C++ on Visual Studio 2005 and 2008, so I really do not know the recent versions of Visual studio.


First, I have downloaded from the internet three sources codes for my friend in Java: BucketSort, RadixSort, and MergeSort. And I have uploaded them into my Google Cloud bucket.

So, I have three public URLs.

https://cdn.georgechalhoub.com/api/blogger/ewoe120asdo12eqweasdf/BucketSort.java
https://cdn.georgechalhoub.com/api/blogger/ewoe120asdo12eqweasdf/MergeSort.java
https://cdn.georgechalhoub.com/api/blogger/ewoe120asdo12eqweasdf/RadixSort.java

Then, I have started by downloading and installing a Visual Studio C# 2008 from this link and created a new project. On my machine, it was installed in French for some reason, but I was too lazy to fix it.

A default form is created by Visual Studio, so I had to rename it to form to Calculator and changed its icons. I also made sure the form doesn't resize by twisting the settings. So, it looked like the image you see on the left.


Now the fun part, our program. In the source of your form, I imported the necessary libraries.

using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Windows.Forms;
using System.Net;
using System.Windows;

Then, inside the constructor of the Calculator, I have created a key event listener. What this means is that if you press any key while the .exe is running, the event listener will be called. So the constructor looked like this:

public Calculator()
{
    InitializeComponent();
    this.KeyDown += new KeyEventHandler(tb_KeyDown);
}

What's left now,  doing creating the function tb_KeyDown and making it accept some arguments. Function looked like: tb_KeyDown(object sender, KeyEventArgs e).

Now, that code is inside the function, I have captured the keystroke, then decide to which links it belongs. So, if user presses on B, the BubbleSort.java would be copied; similarly for M (MergeSort) and R (RadixSort).

string dumb_key = e.KeyCode + "";
string link = "";
if (dumb_key == "B")
     link = "https://cdn.georgechalhoub.com/api/blogger/ewoe120asdo12eqweasdf/BucketSort.java";

if (dumb_key == "M")
    link = "https://cdn.georgechalhoub.com/api/blogger/ewoe120asdo12eqweasdf/MergeSort.java";

if (dumb_key == "R")
    link = "https://cdn.georgechalhoub.com/api/blogger/ewoe120asdo12eqweasdf/RadixSort.java";

Now, I had to download to URL and put it in the clipboard. For that, you need to create an object of the WebClient class:

WebClient client = new WebClient();

Then download the link:
Byte[] pageData = client.DownloadData(link);

And put in a string (With the formatting and breaks):
string pageHtml = Encoding.ASCII.GetString(pageData);

Then, put it in the clipboard:
Clipboard.SetText(pageHtml);

Then, the annoying part for me was handling exceptions, so I encapsulated the code in a try/catch clause. Inside the catch clause I handled errors:
//Couldn't connect to the internet.
if (webEx.Status == WebExceptionStatus.ConnectFailure) {
    Clipboard.SetText("Couldn't connect to a network.");
}

//Catching errors such as: 404, 403 and 400.
if (webEx.Status == WebExceptionStatus.ProtocolError) {
    var response = webEx.Response as HttpWebResponse;
   
    if (response != null) 
{
         Clipboard.SetText(response.StatusCode + "");
    }
    else {
         Clipboard.SetText(webEx + "");
    }
}

else 
{
    //An unknown error has occurred, just print to the clipboard.
    Clipboard.SetText(webEx + "");
}

Then, I compiled and ran the program, and everything was working correctly. On keystrokes, the code was copied to the clipboard. I have included the .exe in case you wish to test it. Download it at your own risk.

using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Windows.Forms;
using System.Net;
using System.Windows;
namespace WindowsFormsApplication1 {
 public partial class Calculator: Form {
  public Calculator() {
   InitializeComponent();
   this.KeyDown += new KeyEventHandler(tb_KeyDown);
  }
private void Calculator_Load(object sender, EventArgs e) {
  }
  static void tb_KeyDown(object sender, KeyEventArgs e) {
   string dumb_key = e.KeyCode + "";
   string link = "";
   if (dumb_key == "B")
    link = "https://cdn.georgechalhoub.com/api/blogger/ewoe120asdo12eqweasdf/BucketSort.java";
   if (dumb_key == "M")
    link = "https://cdn.georgechalhoub.com/api/blogger/ewoe120asdo12eqweasdf/MergeSort.java";
   if (dumb_key == "R")
    link = "https://cdn.georgechalhoub.com/api/blogger/ewoe120asdo12eqweasdf/RadixSort.java";
   WebClient client = new WebClient();
   try {
    Byte[] pageData = client.DownloadData(link);
    string pageHtml = Encoding.ASCII.GetString(pageData);
    Clipboard.SetText(pageHtml);
   } catch (WebException webEx) {
    //Couldn't connect to the internet.
    if (webEx.Status == WebExceptionStatus.ConnectFailure) {
     Clipboard.SetText("Couldn't connect to a network.");
    }
    //Catching erros such as: 404, 403 and 400.
    if (webEx.Status == WebExceptionStatus.ProtocolError) {
     var response = webEx.Response as HttpWebResponse;
     if (response != null) {
      Clipboard.SetText(response.StatusCode + "");
     } else {
      Clipboard.SetText(webEx + "");
     }
    } else {
     //Unknown error just print to clipboard.
     Clipboard.SetText(webEx + "");
    }
   }
  }
  private void Form1_Load(object sender, EventArgs e) {
  }
 }
}


Share:

Thursday, March 16, 2017

Trimming videos via FFMPEG

After continuous insisting from my friends, I have recently set up my Steam account and purchased two games, Portal and Portal 2. And I have also been recording the screen and audio while playing just for archival and other purposes such as uploading them to YouTube and profit from videos that get high hits.

Portal 2, for example has many chapters and in each chapter you have a singnificant set of levels to finish to levels. Chapter 1 of Portal 2 has 19 levels. Nonetheless, after recording one hour session, I had to split them later.

I found intially an excellent trimmmer that is really useful in QuickTime: 


However, the process was incredibly time-consuming. So, I thought I want to do it via coding and it was easier than I imagined.

Indeed, the first library that came was FFmpeg: the revolutionary and prominent and useful and capabable video editing software on existence.

FFmpeg is way more capable than just trimming videos, so trimming via FFmpeg was very easy. Searching through their official documentation, I was able to find this link.

In short the ffmpeg command needed for trimming is this:
ffmpeg -i input.mp4 -ss 00:01:40 -to 00:02:12 -c copy output.mp4

I have tested it tons of times and found out it is the fastest and safest way to trim videos. Here are the parameters in short: 
  • -i: This specifies the input file. In that case, it is (input.mp4).
  • input.mp4: This your input file. You can name it as anything you want.
  • --s: Used with -i, this seeks in the input file (input.mp4) to position. 
  • 00:01:00: This is the time your trimmed video will start with.
  • -to: This specifies duration from start (00:01:40) to end (00:02:12).
  • 00:02:00: This is the time your trimmed video will start with.
  • -c copy: This is an option to trim via stream copy.
  • output.mp4: This your output file. You can name it as anything you want.
You can run the ffmpeg command on any bash terminal and it will run smoothly. Nonetheless, if you want to trim around 13 videos you'd have to write the command 13 times, which left me annoyed. So, I had to write a small python script take care of it.

You can run this code by simply calling python ffmpegTrim.py and indeed you have to change the arguments.
Share:

Monday, February 27, 2017

Answering LOST's most confusing questions

Fifteen years ago, a phenomenal ground-breaking series aired on Abc Family, the show is called "LOST".  This show was confusing to plenty of viewers who especially didn't understand the ending and plenty of confusing questions throughout the series. I have recently rewatched the whole series and I will attempt to answer most of LOST's confusing questions.

Why didn't the black smoke kill the candidates when he had the chance, why put them on a submarine with a bomb? 

The thing is, candidates, selected by Jacob, the protector of the Island, are immune to death by the black smoke. While the black smoke can kill anyone he wants, he cannot kill the candidates. Candidates include Jack, Hurley and Sawyer. The black smoke is "extremely smart" and manipulated everyone throughout the series. The black smoke wanted all the candidates dead to be able to escape the Island, so what he has done is manipulated them to be on a submarine with a timed bomb. The black smoke realized that they would try to stop the bomb by messing with the wires and thus they would cause their own death, instead of the black smoke!  Jack, who realized the bomb cannot explode since it was set by the black smoke, couldn't prevent Sawyer, who tried and failed. So the bomb exploded.

How did Jack's dead father appear on the Island? 

The black smoke posted as Jack's dead father on the Island. So Jack was not hallucinating when his father on the island. A reminder that the black smoke and pose in any dead person's body. 

What was the horse Kate saw on the Island? 

The horse is still a mystery, however, my best guess is that the black smoke was trying to mess with Kate by posing as a horse. 

Why didn't Sayid stop Claire from killing Kate? 

Sayid's case got complicated. After dying from a gunshot, he was restored back to life with the help of the black smoke. Thus, Sayid lost his feelings and was only responding to the black smoke's requests. Sayid later repents by saving the candidates by running away with the bomb in the submarine.

Why didn't Jacob prevent himself from being killed by Ben? 

That's a very good question. Jacob was a very a cool character and really didn't give a damn plenty of times. There was no self-defense in the process of his murder. My best guess is that Jacob really trusted Ben and thought Ben would never harm him after being loyal all those years. Miles Straume, the spiritualist hired by Charles Widmore to go to the Island and has the ability to read the final thoughts of the deceased was able to hear Jacob's thoughts before his death and they were: I wish I was wrong about Ben.

Did Ben kill or order the death of the real Henry Gale? 

I would say: Definitely. Ben stole his identity, and knew where he was buried. 

What order did Desmond not follow that led to his dismissal in the army?

I don't believe Desmond ignored orders. The thing, Desmond started moving though time and places while being in the army so he was irresponsive and thus seen unfit to stay in the army.

Who is this person linked to Jack, his father Christian, and half-sister Claire?

We don't know. There is no reference to the "person" in the entire series.

Why does Ben insist that the Oceanic Six, as well as Locke, have to return to the Island?

Because they were candidates, and candidates have to protect island by preventing the black smoke from exiting the island. 

Why can Jacob leave the Island but the Smoke Monster can't?

As long as there are candidates, the black smoke cannot leave the Island, he's stuck. The black smoke cannot kill candidates too so they have to kill themselves. Candidates were picked since there were very young by Jacob.

What is the "infection"?

From CRACKED: "It is the word used to describe people under the Smoke Monster's influence. Claire was infected. Rousseau's husband and team were infected. Sayid was infected, until the power of love gave the infection the business."

Is Juliet Alive? And did she reset the chain of events with brought the passengers of Oceanic Air flight 815 to the island?

Juliet died at the beginning of season 6. She was still breathing before the last goodbye to Sawyer. Sawyer wanted to kill Jack out of anger when she died. So, we're sure that she's dead. Miles Straume, the spiritualist hired by Charles Widmore, also confirmed this when he read her thoughts later after insistence from Sawyer. As for the chain of events, they were not reset! Passengers were still on the island, nonetheless, they weren't in the 80s anywhere. They left the past. I understand how this might be confusing as season 6 aired two chains of events: one in the island and another off the island. I assume what was shown off the island would be the answer to the question: What would have happened if the airplane never crashed and events of Oceanic Air flight 815 are reset?

What Happened to Claire? She's been MIA for three seasons – what's up with that? And what is her son Aaron's role in the island's mythology?

Haven't you watched season 6? Claire reappears. It is really unknown what happened for those three seasons. But claire clearly was affected by the Black Smoke. She might have died and brought to life by the Black Smoke (like what happened to Sayeed), we don't know! But what we know is that she was responding to the requests of Black Smoke. Claire lost her sanity. As for her son, I don't know the answer of that. Her son might have no role in the island's mythology.

The Ajira Airways 316 Posse? And who exactly are Ilana and her crew?

Ilana is "summoned to the Island to protect the remaining candidates by Jacob, with whom she had a previous relationship." I recall that she was Jacob's bodyguard and she viewed him as her only "father". She was extremely saddened by his death. 

The Numbers! What is the significance of the numbers (4, 8, 15, 16, 23, 42), and do they connect somehow to the island or to its powers? And is Hurley truly cursed by them?

You really didn't watch season 6. In short, the numbers correspond to candidates 4, 8, 15, 16, 23, 42 respectively and one of them is supposed to protect the island. There are tons of pages regarding those numbers, please find them here and here.

When some of the survivors went back to the island on the Ajira flight, why didn't Sun end up in the past? Why was she still on the plane?

Very good question, I will quote lostpedia for this as there are plenty of theories:

1. Sun didn't go back in time because she was not a candidate. There is strong evidence that Jacob and his brother are based of the story of Jacob and Esau from the Old Testament. In a passage from the Old Testament, Jacob wants to pass his convenant through his grandchildren, and touches Manasseh and Ephraim. However, he touches Ephraim with his right hand and Manasseh with his left, proclaiming Ephraim will be a greater person. Similarly, Jacob touches Jin with his right hand and Sun with his left, only making Jin the candidate.

2. Sun wasn't sent back in time because she "betrayed" the Island by working for Charles Widmore just like Ben wasn't sent back in time because he moved the Island when Locke was suppose to and then even worse he came back.

3. Sun wasn't sent back in time because she was carrying a tracking device for Widmore. That is how he planned (successfully) to return to the Island. The tracking device worked as a sort of tether in time.

4. Sun didn't travel back in time because she was originally not supposed to be on Oceanic 815, and thus not supposed to be on the island in the first place. If you remember, she was originally going to leave Jin at the airport, but it was through her free will that she stayed with him. The island made sure she got pregnant so as to force her off the island so she would not travel back to 1977.  She was supposed to leave, but Jack, Kate, Hurley and Sayid were not.

Share:

Evidence shows majority of Palestinians aren't civil

In this blog, I will list the evidence that I found which suggests that a majority of Palestinians are not civil. I have coined the evidence to present it to my apologist friend who is working on his PhD in the United States. There might be more evidence online but I will stick to those for the moment.Here are main points:

Support for Ismail Haniyeh


What do we know about Ismail Haniyeh? 


Support for terrorism

  • According to a poll conducted by the Palestinian Center for Public Opinion (PCPO), 89 percent of Palestinians support Hamas and other terrorists firing rockets from the Gaza Strip at Israeli civilians.

Support for terrorist attacks

  • According to the Jerusalem Media and Communication Center, 75% of  Palestinian Arabs in Gaza favored continued murderous terrorist attacks. 
  • 51% of Palestinian Arabs favor terrorist attacks in Judea/Samaria too.

Justification for suicide terrorism attacks

  • According to Pew Research Survey (September 2013),  a whole whopping 62% of Palestinians justify the use of suicide terrorism. Quoting Pew Survey, “in some countries, substantial minorities of Muslims say attacks on civilians are at least sometimes justified to defend Islam from its enemies; in the Palestinian territories, a majority of Muslims hold this view.” Among Palestinians, 37% said suicide bombing is usually justified whereas 25% said sometimes justified it was justified. 

Extreme and morbid anti-Semitism

    • 80% of Palestinian Arabs agree with the statement in the Hamas Charter calling for formulation of the Arab and Islamic battalions to fight the Jews.
    • 73% agree with the hadith (Islamic tradition), quoted in Hamas’ Charter, about the need to kill Jews. 
    • 61% of Palestinians reject the idea of a peaceful Palestinian state living alongside Israel as the solution to the Arab/Israeli war.
    • 72% of Palestinians support denying Jewish history and connection to the land of Israel. An overwhelming
    • 92% of Palestinians insist on Jerusalem being the Palestinian capital.
    • 62% of Palestinians support a policy of kidnapping Israeli soldiers and holding them hostage 
    • 53% favor teaching hatred songs against Jews in Palestinian schools.
    • 22% of Palestinians support firing rockets at Israeli cities and Jewish citizens.

More support for murder

  • October 2010: A Palestinian Center for Policy and Survey Research poll conducted September 30 to October 2 found that 51% of Palestinians supported the murderous August 31 terror attacks by Hamas which killed 4 Israeli civilians near the Bani Nayim junction.
Share:

Saturday, February 4, 2017

Why I hate pop-under adveristments

I have written this blog for the public but especially for my assistant to illustrate to him why popunders suck.

Ever since 2017 started, one of my major websites witnessed a significant decline in its traffic. In fact, it lost over 30% to 40% of daily traffic. I was outraged, puzzled and obsessed. For days, I kept obsessing and thinking about this decline to find out a solution for this decline.

I have enjoyed a troubled, but stable relationship with pop-under advertisement networks since 2014. For almost 2 years, I have have been a customer to the most major pop-under advertisement networks, in fact, I think I've tried every popunder network you can think of, the networks are:
  • PopAds
  • PopCash 
  • Adsterra
  • ClickAdu
  • Propellerads
  • AdMaven
  • HilltopAds
There are probably other pop-under advertisement networks I had accounts with but forgot to list; nonetheless, those companies/websites made tons of money in 2014 - 2015 - 2016 as it was their time of rise.  Here are the main reasons why I hate  with popunder advertisements:

Malicious Advertisements, Viruses, and Scams

I have received many complaints about the quality of popunder advertisements being opened, where a lot of people alleged that the popups have tried to install pure viruses or unwanted software. I have personally witnessed "Get Rich Quick" scam themes, websites that were blacklisted by Chrome as "dangerous & deceptive", websites of my competitors, and endless advertised content with no value. I have very much contacted the advertisement managers and complained to no avail. You will always a bunch of amoral advertisers looking to spread of virus or malware to make money out of your clean traffic. 

Bad User Experience

This is one of the main reasons why I hate pop-under advertisements. Internet consumers like me completely abhor and oppose popunder advertisements and tend to close them as soon as they open. They're usually annoying because they hinder the user experience and stop his focus and engagement on the website by opening unwanted popups. 

Unethical popunder network

Popunder networks usually control your current eCPM and raise it or lower it for absolutely no valid reason whatsoever. One popunder network (I will not name) reported less number impressions instead of reporting the actual number. It was pretty obvious. Around 39,000 impressions were not reported. I completely ditched the network afterward. Other networks incredibly lower eCPM for no reason after realizing that you're dependent on their network. Once day you're 3.1, the other you're 0.9.


You're never in control

For most popunder advertisements, you don't control who bids on your website and who doesn't. You don't control the average eCPM that you desire to put. You have no idea how pop impressions are counted and if they are counted correctly. You have no idea if the network will ban you from the program the next day or not. You have no idea if the advertisement will contain malware/viruses or not. You have no idea how it is affecting the user experience and if users are ditching your site or whatever. You don't control anything, they control you. 


It is selling your website

Popups are easiest ways to make money off a website but they're the cheapest way. It is a quick weak fix that will pay you temporarily money until you realize that those pops are harming your business, especially on mobile where they have become incredibly unsupported (and almost tantamount) to redirecting your website to another one (aka, selling your website for cheap). 



Nonetheless... 

Popunder advertisements make money but so do drugs. I have enjoyed a 5-figures monthly income from popunder advertisements but eventually, I got sick of them and planning to ditch them when the budget permits. Not everything that makes money is good as it might destroy you in the long term. Google  hated popunder advertisements in the past and they were never integrated into the Adsense program and I completely understand and respect their decision.
Share: