Few months back Orkut added a facebook like friends finder. Using that friend finder you could find & invite all your Gmail friends on orkut without much work. We and many other at that time wished orkut should have done that facebook way and made friend finder to work with any email account. Looks like orkut team listened our calls and came up with new improved friends finder.
As shown in screenshot now you can also add friends from Hotmail, Yahoo & AOL!
"find friends" box can be seen in left sidebar on your orkuts home page. If you never used this feature in past then be sure to read orkut friend finder guide!
One more thing, some of my friends haven’t seen this new friend finder on their account yet. I guess like many other feature in past, orkut is rolling this slowly. So it make take a day or two for this feature to get activated on your account! 🙂
Authors Note: This is my 100th post on Orkut. Its always a pleasure to write for you. Thanks for your love and support. Hope to receive same in future too! 🙂
One more security or rather say annoying feature added by orkut is confirming clicks on outgoing links. As shown in above screenshot, if you now click on any link that leads takes you away from orkut, you need to go through confirmation procedure!
With bug in Orkut own Click Tracker program, features like these will end up just annoying Orkut users. Worst user may take this for granted and end up being more vulnerable.
What will happen if a malicious link is sent using a bug like in Orkut very own Click Tracker program? The link will not be categorized as outbound one, so no confirmation box will pop up!
This is where a user will be at risk as she may falsely assume that no confirmation box means no threat! :O
So to orkut team, please stop patch-working like this and do things like more sensibly.
Orkut started showing information about last login on users orkuts home page!
This is particularly good to save yourself from attackers who steals your login information but instead of deleting or making any changes to your account just monitors your private information. This is more serious threat with email accounts as everything in your mailbox is personal. On orkut still a attacker who have access to your accounts can do following things without getting noticed…
Download your contact book
Reading orkuts messages
Checking private albums/videos
Reading profile information (like cell phone numbers) which you may limit to your friends
ADVERTISEMENT
I do not think many people use orkuts messaging feature. Also last two can be exposed to attackers who if not yours, managed to crack your friends account!
Still this is really good move considering an attacker who is monitoring your account today may get pissed off by you and delete your account. Worse changing your accounts login info and worst spamming your friends with malicious scraps thus causing damage to your social image!
So my advise is to you keep checking this last login info and whenever in doubt about last login time without wasting any more time change your orkut account password!
Yes now you can have private communities on orkut where all discussion, polls, events will be secret from non-community members.
The feature can be used by all community owners by going to edit profile community link. Now Edit community page have a new setting – content privacy… (as shown below)
If you choose hidden option content from your community will no longer shown to non-members. I guess better approach would have been to hide entire community itself from directory listings as well as orkut search engine.
Finally a note for all dark-minded people… Wait before jumping out of your chair. as orkut can and will monitor content of these secret community! In fact secret communities should be monitored more… 😉
One of Devils Workshop reader mailed me this screenshot (at the right) of her facebook account! Being user of our Facebooks anti-apps Ignore ALL & Block ALL scripts she requests a way so that she can "poke back" all pokers at once.
Thanks to GreaseMonkey, we can use a auto poke script!
When installed this script will automatically check if somebody had poked you whenever you go to your facebooks homepage. If it sees any pending pokes, it will automatically poke back the poker. (Check following screenshot!)
I know the title is quite confusing! So let me quickly define terms in it…
Search-plugin – It provides the ability to access a search engine from a web browser, without having to go to the engine’s website first.
Search-bar – A browser toolbar which uses collection of search-plugins. (As shown in above screenshot)
ADVERTISEMENT
Now if you use search bar at the top right side in your firefox then you might have used Manage Search Engines option atleast once for adding a search engine for sites like YouTube, wikipedia, etc.
The above option also gives link to the page where you can get more few search engines! That page contains link to a project called Mycroft. The Mycroft project provides a collection of around 14377 (and counting) Search Engine Plugins for your web browser.
At Mycroft project you can browse/search the search-plugins of your choice. Virtually it has a search plugin for each famous website.
But wait, the real trick isn’t out yet! Does it make any sense to visit Mycroft project page to search search-plugins? NO. So I have added Mycroft search-plugin directly in my search-bar! Look screenshot below…
Not so long back bugs in orkuts privacy features made their users scrapbook & album content accessible to everyone no matter what privacy settings they choose. Orkut team fixed those bug but unfortunately they have to cancel their holiday plan if any as a new bug in Orkut discovered which let spammer send any links without filling up captcha (image verification). All this means more sCrap all spam on orkut!
#proof of concept:
ADVERTISEMENT
Paste following code in any scrapbook…
A link will be send which on clicking will take you to this blogs homepage!
Well you may link looks confusing so end user may not click on it…
ADVERTISEMENT
Ok.. What about following code…
How many of you looks at browser status bar when clicking link? 😉
#How to (ab)use!
ADVERTISEMENT
To send links all you need to do is copy following code and append any URL without http:// to it. (Do not remove any slashes…)
http://www.orkut.com/ClickTracker.aspx?url=//////
#How this bug can be abused?
Scrap All Script: Spammers most favorite & most powerful tool against orkut is Scrap All script!
To spread Trojan, viruses, spywares, worms, etc: www.devilsworkshop.rsites.dev6.rt.gw can be replace by link to malicious contents
ADVERTISEMENT
Old orkut user may remember in past spreading of worm via scrapbook was one of the reason orkut came up with captcha (image verification)while sending third-party links! What the use of captcha, if it can be bypassed!
#Bug Details
Bug is in ClickTracker.aspx (URL: http://www.orkut.com/ClickTracker.aspx ).
ADVERTISEMENT
#A simple fix Orkut can do..
Put a if-else block at the beginning of ClickTracker.aspx which checks url parameter for third party domains (i.e. anything else than orkut.com or google.com). If third party domain is found, call captcha routine or just abort the execution.
That’s it! Thanks Gaurav for the bug and reporting this in orkut google-group! If you are a google-group user please post reply in this thread so that it gets noticed by orkut team earlier!
Our reader Moses wanted to use GreaseMonkey scripts in Opera! If you are also interested in using GreaseMonkey scripts on opera here comes the two-step procedure…
# Step 1: Configuring folder to store GreaseMonkey Script (Need to do this once only)
Create a directory to store greasemonkey scripts. (e.g. C:GM_opera)
Go to Tools >> Preferences, it will open a window like below.
Navigate to Advanced Tab, then click on Content option in left menu.
Click on JavaScript Options. It will open another window like below…
Click on Choose button to create a folder or select a folder to store GreaseMonkey scripts!
ADVERTISEMENT
ADVERTISEMENT
# Step 2: Adding GreaseMonkey scripts… (for every script…)
Click on any GreaseMonkey script link. (URLs ending with .user.js extension)
You will see a plaintext file getting opened in browser without any install pop-up as you usually see in firefox!
Go to File >> Save as opera menu option. When prompted location to save script, navigate to the folder you selected in Step-1!
Thats it! Just by saving GreaseMonkey scripts to preconfigured folder you can use them in opera!
ADVERTISEMENT
#Few Notes…
To Uninstall: Just delete the script from folder or move script file to some other location!
To enable/disable: You can’t. Only Install/Uninstall options are available. Or you can move files to different folder.
To change sites script works on: Open script in any text-editor and change @include and @exclude directive manually in script file.
#Compatibility Issues…
Most GreaseMonkey scripts will work without any modification as they do not make use of GreaseMonkey APIs. But for those who make use of API you can install Emulate GreaseMonkey functions opera userscript. Installation method is same as mentioned in step-2.
ADVERTISEMENT
It may not works always but its really worth trying. So installing above script is highly recommended.
As an example our Facebooks Ignore ALL button script just works fine but Block ALL script is not working as it makes use of GM_xmlhttpRequest call which even above emulator script failed to implement! This may be bad news for orkut users as all scrap all scripts makes use of GM_xmlhttpRequest call.
You have 40 boxes added to your profile page. To help you keep your profile uncluttered, we’ve created an extended portion of your profile. You and your friends will be able to click through at any time to see the boxes you move to the extended portion of your profile.
Means all the buzz in last month about facebooks anti-spam feature against their very own facebook application turn out to be true!
I have seen following when i checked my facebook page…
When I clicked on Move To Extended Profile Button all junk just disappeared! HooRaY!!!
But wait where it gone… ??? :O
Now at the bottom of every facebook profile you can see a link like below…
Yep! The useless boxes doesn’t get load anymore without your permission!
Good move from facebook as it saves lots of my bandwidth! 😉
ADVERTISEMENT
ADVERTISEMENT
[Edit]#Wait there is something bad with the way this feature implemented: ()
ADVERTISEMENT
This extended profile concept is limited to your profile only! Means extended profile setting will not apply to all facebook profiles. So you can unclutter your profile for your friends but have to face all of the shit from them if they choose not to care about cleaning their profiles!
I guess facebook can do better by giving user a choice to make EXTENDED PROFILE VIEW is default across whole facebook. So whenever a user goes to any profile, by default only small and important portion will be loaded and rest will be waiting in extended profile. This way facebook will look more personalized and also lots of time & bandwidth will be saved for users as well as facebook! 🙂
Major Update: This plugin’s new version has been released with many new features like:
Zero changes requires on WordPress-side. Plugin handles everything automatically on WordPress.
New configuration wizard help you setup redirection without much efforts.
Supports importing from multiple Blogger.com blogs.
Add supports for “rel=canonical” & “meta-refresh” tags on Blogger.com which will speed-up redirection. This will help search engine update their index faster.
Update: This plugin maintains permalinks but in case you want to preserve Google Pagerank and other search engine ranking, please read this new complete tutorial first.
If you have imported your blog from blogger (blogspot.com) then you might be redirecting visitors from your old blogspot blog to your new wordpress blogs HOMEPAGE. While this approach ensures that you get all the traffic redirected from your old blog to new blog, a visitor may feel lost! What if a person is referred to your old blog via search engine or other link listings?
So this plugin just takes care of this part. It checks for which post people were looking on old blog and then redirect them to same post but on new blog! See following picture which will give you brief idea about what you can accomplish using this plugin…
This plugin assumes following things:
You used wordpress blog importer while importing your blogspot beta blog.
You put redirection code in your old blogspot blog. An example of code is attached below. I strongly recommend using it only.
You have imported only one blog. In next version I will remove this restriction so that you can import (or say merge) two or more blogspot blog into one new wordpress blog.
ADVERTISEMENT
Installation (Blogger Blogspot Part):
Log into your blogger account.
Select old blogspot blogs template/layout. If you are using new custom layout, use “Revert to Classic Template” option on Edit HTML.
Go to “Edit HTML” tab.
Put following codes there with one important change and save changes.
ADVERTISEMENT
(Important: Replace http://www.devilsworkshop.rsites.dev6.rt.gw/ in following code with your wordpress blog URL)
<html>
<head>
<script LANGUAGE="JavaScript">
<!--
window.location.replace("http://www.devilsworkshop.rsites.dev6.rt.gw/");
-->
</script>
<noscript>
<meta http-equiv="Refresh" content="10; URL=http://www.devilsworkshop.rsites.dev6.rt.gw/"/>
<meta http-equiv="expires" content="10"/>
<meta name="Description" content="301 moved permanently"/>
<META NAME="ROBOTS" CONTENT="NOINDEX, FOLLOW"/>
<META NAME="GOOGLEBOT" CONTENT="NOINDEX, FOLLOW"/>
</noscript>
<title>301 moved permanently</title>
</head>
<body>
<center>
<h1>Devils Workshop</h1>
<p>has been moved to new address</p>
<a href=" http://www.devilsworkshop.rsites.dev6.rt.gw"> <h1>http://www.devilsworkshop.rsites.dev6.rt.gw</h1></a>
<p>Sorry for inconvenience... </p>
</center>
</body>
</html>
Upload rbBloggerToWordpress.php into ‘wp-content/plugins’ folder.
Go to plugins option under wordpress’s Admin panel. You will see a “Blogger To WordPress Redirector” Plugin Listed there.
WAIT! Do NOT click Activate. First Click Edit.
On next screen put your old blogspot blog address next to $oldBlogURL variable! For ease search rb286.blogspot.com and replace it with your blogspot address. Sorry for this manual work, I will automate this step in next version.
Then click Update File link their to save changes.
Go back to plugins page and this time Activate the plugin!
That’s it! This plugin will now onwards map your old blogspot post to new wordpress posts on 1-to-1 basis.
Known Issues:
ADVERTISEMENT
Popular desktop blogging client Windows Live Writer stops working if you use this plugin. But there is temporary workaround. Disable the plugin & paste following code into current templates index.php [i.e. Main Index Template] before everything else! [Path: Admin Dashboard >> Design >> Theme Editor]
#Code: [Note: Replacerb286.blogspot.comwith your old Blogspot address]
<!--?php
oldBlogURL = "rb286.blogspot.com";
$ref = $_SERVER['HTTP_REFERER'];
$refarr = explode("/", $ref);
if ($refarr[2] == $oldBlogURL ){
$bloggerurl = '/'.$refarr[3].'/'.$refarr[4].'/'.$refarr[5];
$sqlstr = " SELECT wposts.guid FROM $wpdb->posts wposts, $wpdb->postmeta wpostmeta WHERE wposts.ID = wpostmeta.post_id AND wpostmeta.meta_key = 'blogger_permalink' AND wpostmeta.meta_value = '".$bloggerurl."' ";
$wpurl = $wpdb->get_results($sqlstr, ARRAY_N);
if ($wpurl){
header( 'Location: '.$wpurl[0][0].' ') ;
exit;
}
}
?>
ADVERTISEMENT
Example :: How this plugin works?
First note that, there are two parts – blogger part and wordpress part.
Also for the sake of simplicity lets assume old.blogspot.com/cool-post is mapped to new-wordpress.com/cool-post
Now observe journey of a user…
User requests old post – old.blogspot.com/cool-post
old.blogspot.com send user to new-wordpress.com.
Now at new-wordpress.com, second parts get activated as visitor is coming from old.blogspot.com.
Second part checks for HTTP Referrer information from where it finds URL of old.blogspot.com/cool-post.
Using this information second part at wordpress finds new-wordpress.com/cool-post and sends it to browser.
In fact, the whole process is so transparent that if a user have address bar disabled he will never notice any sign of redirection process. 😉
About Javascript code at blogger end… its for non-standard browsers who don’t respect meta tags.
About NOINDEX FOLLOW, it tells crawler not to index blogspot page but FOLLOW redirect. Also NOINDEX will instruct crawler to drop already indexed version of page. We need to use NOINDEX because new wordpress post have same content as old blogspot post. This is to ensure that we explicitly handles duplicate content problem.
Let me know if I am missing something as this is my first wordpress plugin.
Credits: I am grateful to Charles and Live HTTP headers firefox extension for their help while coding this plugin!
