26 Jun

Nokia E90 Sightings

Nokia’s baddest handset, the E90, has been sighted. Dummy units, at least.

I was at SM City Manila last Saturday, and look what I found:


This one is at Silicon Valley.


This one at Power Mobile.

I got to hold a dummy unit at Power Mobile:

No, I did not bother asking if it is available, nor what the price is. At this early date, its price will be ridiculously expensive.

Maybe the reason I still don’t have the E61i after almost three weeks since that blasted retention application is that E90 is the phone for me. Heh.

Incidentally, when I visited the Nokia Asia Web site, a browser window popped up, asking me to take a 10-minute survey (even apologizing for the distraction). So I took it, and after three clicks, the survey informed me that they are looking for another age group. I closed the window in disgust. Nokia, you wasted my time.

21 Jun

Contra: 20 Years

Do you know why the Konami Code was invented?

Try playing the original Contra without the benefit of the Code and then know why. That game is darn hard to finish without 30 lives! (Actually, the Code was first used in Gradius, but was made famous by Contra.)

Contra celebrates its 20th anniversary this year. Arguably, this game series is one tough game, from the NES versions to the current PS2 incarnations. What made this game so popular? Was it the innate difficulty? Was it due to the satisfaction it brings, shooting down enemies?

For me, it is due to the sheer fun of playing Rambo.

Though I must limit the raves on the Nintendo versions. The PS2 versions, Neo-Contra and Contra: Shattered Soldier, are different animals. I have both of these games, and I enjoy seeing them in their cases. No one among my siblings enjoyed playing these games. In fact, a high school friend who has a knack for finishing games in the first sitting gave up on these games.

The Contra series left a large legacy. I mean the word “large” literally. Contra pioneered the large boss concept. Those Metal Slug bosses, those insane machines, they were not the first. The big boss in the first Contra is hideous! It looked like a scrotum when I first saw it!

Some Contra games are available in Collections for Nintendo DS. The original is available at Xbox Live Arcade. For everyone else, there’s an emulator and several ROMs over the internets. All you have to do is search.

(images snipped from The Contra HQ)

21 Jun

Yahoo! Mail XSS Proof of Concept Code

Trend Micro has revealed the existence of proof-of-concept (PoC) cross-site scripting (XSS) code that affects Yahoo! Mail.

From their blog:

Here’s how the exploit works. The first component (which is written in Perl) is installed on a web server. This code is supposed to execute whenever a user visits a web page that is hosted on that server. The path of the CGI script on the web server is then parsed by the second component and appends a Yahoo URL string to it. An entirely new URL is generated. This URL can be sent to an unsuspecting user through an innocent-looking email or YM message. When the user clicks on the URL, his Yahoo account becomes compromised.

The Trend Micro Virus Encyclopedia entry for EXPL_YAHOXSS.A is more descriptive:

The link to the Web site where this code is hosted may arrive embedded in spammed email messages. The said link may appear as the following:

http://search.yahoo.com/web/advanced?ei=UTF-8&p=%22%3E….

The said link tricks the user into thinking that it is related to Yahoo! search results.

Once clicked, it connects to a Web site with an embedded Perl script. The said script, which automatically runs when accessed, steals cookies related to the affected user’s Yahoo! Mail account. This allows a remote malicious user to take control of an active Yahoo! Mail session while the affected user is logged in.

If you look at your browser’s address bar when viewing Yahoo! Mail, you will see a lot of seemingly random strings of text. XSS is dangerous because if a target Web site doesn’t validate what arrives in a URL before using it in a page, anything can happen, depending on the script that ends up running on that Web site. This problem has manifested in LiveJournal (which led to a change in user URLs, from www.livejournal.com/users/user_name to user-name.livejournal.com) and MySpace.
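The %22%3E in the sample link above decodes to a double quote followed by a greater-than sign, the two characters that close an HTML attribute and its tag. As an added example (not code from Trend Micro or from the PoC; the page template, function names and sample links are constructed), this shows that breakout with a harmless marker, next to the output encoding that stops it:

```javascript
// Added example; the page template, function names and sample links are
// hypothetical and constructed for illustration.

// Encode the characters that can end an attribute value or open a tag.
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// Read one query parameter, percent-decoded, as a server-side page would.
function queryParam(url, name) {
  return new URL(url).searchParams.get(name) ?? '';
}

// Weak: the decoded value is pasted straight into the attribute.
function renderUnsafe(url) {
  return `<input name="p" value="${queryParam(url, 'p')}">`;
}

// Hardened: same template, value encoded for the HTML context first.
function renderSafe(url) {
  return `<input name="p" value="${escapeHtml(queryParam(url, 'p'))}">`;
}

// Count element start tags; more than one means the value left the attribute.
function countStartTags(html) {
  return (html.match(/<[a-zA-Z]/g) || []).length;
}

// Constructed links: an ordinary search, and the %22%3E prefix from the
// advisory followed by a harmless <b> marker instead of a script.
const ORDINARY = 'http://search.example/web/advanced?ei=UTF-8&p=nokia+e90';
const BREAKOUT = 'http://search.example/web/advanced?ei=UTF-8&p=%22%3E%3Cb%3Emarker%3C%2Fb%3E';

for (const url of [ORDINARY, BREAKOUT]) {
  console.log(countStartTags(renderUnsafe(url)), renderUnsafe(url));
  console.log(countStartTags(renderSafe(url)), renderSafe(url));
}
```

An ordinary search renders identically either way; only the breakout link produces a second element in the unencoded page.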

While this problem is just a proof of concept, the fact that the PoC exists proves that it can be done. All it takes is a very good programmer to get the PoC code, tinker with it, and release it in the wild.

Again, be careful when handling links/URLs being sent to you via email or IM, even if they come from trusted sources (remember SOHANAD?).

19 Jun

Blogging Zelda

Found this coolness via Joystiq.

A blogger named Grownup Gamer has a mission: to blog in detail about all the Legend of Zelda games!

The first Zelda is one tough game to finish, and I still have to finish the second Zelda, A Link to the Past, and The Wind Waker. The Minish Cap had been my companion on the way home from the office. I still have to play a lot of Zelda games, so Blogging Zelda is a nice trip to every iteration of Hyrule.

I just hope the blogger doesn’t lose steam. He has to cover fifteen games, and so far he has finished the first Zelda.

Are you a Zelda fan? What is the appeal of this game series to you?

19 Jun

Lakbayan: Proudly Philippine Made

I met Eugene Villar at iBlog3. He’s one cool guy. After all, he created his own content management system that powers his blog, vaes9, and is now leveraging the power of Google Earth to drive Vista Pinas.

Another feather in his cap is Lakbayan. Lakbayan notes down the places in the Philippines where you have passed through/visited/lived, and then gives you a grade.

(How much of the Philippines have you visited? Find out at Lakbayan.)

Go give it a try!

Now, I am waiting for the nitty-gritty details on how he came up with this project (like how the grade is computed).

My suggestion at this point is not really technical, but I guess to make the grade more representative of one’s travels, all the cities/towns of a province should be listed. I am not sure if Alcala, Pangasinan is east or west Pangasinan. And as Eugene himself has said, “just because you’ve been to Boracay doesn’t really mean that you’ve “seen” Aklan, right?” Since I had been in La Trinidad in Benguet, I just can’t select Benguet.

Great work, Eugene!

18 Jun

Raising Awareness thru MyBlogLog Community Exchange

It’s time to use the power of a meme for a greater cause.

Started by Tingog.com as a writing project for Musa Dimasidsing, spawning 21 entries, it is now time for others to do something about it. This meme is just a small way of showing our awareness about current events.

The rules of this meme are simple:

* Join all of the MyBlogLog communities on the list below.
* Copy the list and create a new post on your blog on the victims of electoral violence and paste the list onto your post.
* Write a brief paragraph that explains what the meme is above the list (just as I have done here).
* Add your Blog using the URL of your entry on Victims of Electoral Violence plus 2 or 3 more MyBlogLog communities to the list and then publish the post.
* If you want to be added to this list, simply drop me a comment below with your Blog Name/URL and MyBlogLog URL.

The Raising Awareness thru MyBlogLog Community Exchange List:

* Pedestrian Observer | Join MyBlogLog
* Thirty Thousand Fishes | Join MyBlogLog
* Tingog.com | Join MyBlogLog
* An OFW Living in HK | Join MyBlogLog
* Prudence and Madness | Join MyBlogLog
* The Construct by Alex Maximo | Join MyBlogLog
* Blog @ AWBHoldings.com | Join MyBlogLog
* Miguel Paraz/Migs | Join MyBlogLog
* Add Your Site here | Join The Above. Drop A Comment Below!

14 Jun

Welcome to the jungle, Safari

What turned out to be a surprise is now turning into a dud.

At its annual Worldwide Developers Conference, Apple has announced that it is releasing its Safari browser for Microsoft Windows.

The initial reactions are negative. Here’s a roundup on reactions regarding Safari for Windows:

* Alec Saunders: Take a pass on Safari
* Chris Pirillo: Safari on Windows? Yawn.
* Mike Cane: Apple Safari Browser For Win XP: Super Fast And Super Sick
* Ars Technica: Microsoft, Mozilla execs respond to Safari on Windows announcement
* Ars Technica: First look: Safari 3 beta on Windows vs. Firefox 2 and IE7
* TrendLabs Malware Blog: New Safari 3 Beta for Windows insecure
* Symantec Security Response Weblog: Vulnerabilities for Safari on Windows

The vulnerabilities are expected, since this Safari release is a beta.

My take: it is faster when loading pages compared to IE7, but Firefox is faster. Safari renders a page like IE; this blog appears almost the same with Safari and IE7.


On Firefox


On IE7


On Safari for Windows

Though I must admit Safari renders this blog better than the two.

There are two related running jokes regarding this move by Apple. One, Safari is a big Trojan horse. Second, Safari was released to highlight the fact that Windows is one security nightmare. Heh.

This is a good browser, not as fast as Firefox and Flock, but better than IE. But don’t use it yet. As this is a beta release, you will be safer by sticking with your current browser.

(Oh, this entry is posted using Safari.)

PS: Look at my comment below. Comment made using Safari for Windows.

12 Jun

Another Smart Retention Application

So last Thursday I went back to my favorite place on earth, Smart Wireless Center-Megamall to follow up on my four-months-pending retention application (for a Nokia E61). I already had an idea before then about what happened to that application – it went nowhere.

So I came prepared. I am ready to re-apply again, this time for a Nokia E61i, since I know that E61 is no longer available. Same with Sony Ericsson P990i.

As expected, the lady customer care officer couldn’t find the first application. So she asked me if I wanted to re-file. Which I did. So I asked her how long I will wait again, and she said that within a week I will receive a call informing me of the status of the application.

Now, it is just wait and see. I don’t have high hopes, though. Smart made me wait four months for nothing. Geesh.

12 Jun

Yahoo! Messenger Security Update: Live Show-ers Beware

Users of the popular/ubiquitous/bane of corporate IT people Yahoo! Messenger are advised to update to the latest version (8.1.0.401) of the said instant messaging application due to the existence of two ActiveX vulnerabilities.

The said vulnerabilities are ActiveX buffer overflows that can lead to remote code execution. These ActiveX controls are related to YM’s Web cam capabilities (so you live show-ers are mostly affected).

Related to this topic, Trend Micro has detected a new malware that specifically exploits these YM vulnerabilities. Dubbed JS_DLOADER.NSP, this JavaScript malware exploits the YM vulnerabilities to download another malware.

By this time, YM should have prompted you to download the update, unless you’re the type to ignore updates. I suggest you do so, now. Your live show will have to wait.

7 Jun

It is the SIM Card

So to continue the Smart SIM card saga, Tuesday night I swapped the SIM cards of the Nokia 3660 (which currently houses the Sun SIM card) and the Sony Ericsson M600i. On first try, M600i immediately recognized the SIM (this doesn’t happen for the 5-year old Smart SIM). The same happened when I inserted the Smart SIM on the 3660.

Yesterday, I got three “SIM Registration Failed” error messages on the 3660. I got none on the M600i. It seems the Smart SIM is about to die. So off I went to my favorite Smart Wireless Center – in SM Megamall.

The person who took my case was very accommodating, and without inspecting the SIM card, he replaced it with a Smart GOLD 3G SIM card. No questions asked. Though I was charged Php 3++ for it. That’s why “no questions asked.” Money really talks.

Tuesday night, I also called the Smart hotline (888-1111) to relate the problem. The person on the other end asked if I have tampered with my SIM card.

Duh.

Anyway, so he told me to go to a Wireless Center to have the SIM checked and replaced if necessary. I also made a followup on my four-month-old application for a new phone unit. Well, what do you know, he has no idea what happened to it. He told me that based on my past calls, all that were recorded were followups. No record whatsoever whether it was approved, denied, buried somewhere.

According to the guy, Nokia E61 is not available in any of their Wireless Centers, and I think the reason why my application is four months pending is that they are no longer going to offer this unit. See this screen grab of their Web site:

So they are offering Nokia E61i, and I asked where this unit is available. Not available in any Wireless Center at that moment, I was told. And since SE P990i is attractively priced under my plan, I asked for availability. Only available at Smart Tower, sir, and I cannot assure you that it will be available after this conversation, he said.

Time to switch?